securityhub: AWS SecurityHub
In paws.security.identity: 'Amazon Web Services' Security, Identity, & Compliance Services
View source: R/securityhub_service.R
securityhub R Documentation
AWS SecurityHub
Description
Security Hub provides you with a comprehensive view of the security
state of your Amazon Web Services environment and resources. It also
provides you with the readiness status of your environment based on
controls from supported security standards. Security Hub collects
security data from Amazon Web Services accounts, services, and
integrated third-party products and helps you analyze security trends in
your environment to identify the highest priority security issues. For
more information about Security Hub, see the Security Hub User Guide
.
When you use operations in the Security Hub API, the requests are
executed only in the Amazon Web Services Region that is currently active
or in the specific Amazon Web Services Region that you specify in your
request. Any configuration or settings change that results from the
operation is applied only to that Region. To make the same change in
other Regions, run the same command for each Region in which you want to
apply the change.
For example, if your Region is set to us-west-2, when you use
create_members to add a member account
to Security Hub, the association of the member account with the
administrator account is created only in the us-west-2 Region.
Security Hub must be enabled for the member account in the same Region
that the invitation was sent from.
The following throttling limits apply to using Security Hub API
operations.
-
batch_enable_standards -
RateLimit of 1 request per second. BurstLimit of 1 request per
second.
-
get_findings - RateLimit of 3
requests per second. BurstLimit of 6 requests per second.
-
batch_import_findings -
RateLimit of 10 requests per second. BurstLimit of 30 requests
per second.
-
batch_update_findings -
RateLimit of 10 requests per second. BurstLimit of 30 requests
per second.
-
update_standards_control -
RateLimit of 1 request per second. BurstLimit of 5 requests per
second.
All other operations - RateLimit of 10 requests per second.
BurstLimit of 30 requests per second.
Usage
securityhub(
config = list(),
credentials = list(),
endpoint = NULL,
region = NULL
)
Arguments
config
Optional configuration of credentials, endpoint, and/or region.
credentials:
creds:
access_key_id: AWS access key ID
secret_access_key: AWS secret access key
session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.
endpoint: The complete URL to use for the constructed client.
region: The AWS Region used in instantiating the client.
close_connection: Immediately close all HTTP connections.
timeout: The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.
s3_force_path_style: Set this to true to force the request to use path-style addressing, i.e. http://s3.amazonaws.com/BUCKET/KEY.
sts_regional_endpoint: Set sts regional endpoint resolver to regional or legacy https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html
credentials
Optional credentials shorthand for the config parameter
creds:
access_key_id: AWS access key ID
secret_access_key: AWS secret access key
session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.
endpoint
Optional shorthand for complete URL to use for the constructed client.
region
Optional shorthand for AWS Region used in instantiating the client.
Value
A client for the service. You can call the service's operations using
syntax like svc$operation(...), where svc is the name you've assigned
to the client. The available operations are listed in the
Operations section.
Service syntax
svc <- securityhub(
config = list(
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string",
close_connection = "logical",
timeout = "numeric",
s3_force_path_style = "logical",
sts_regional_endpoint = "string"
),
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string"
)
Operations
accept_administrator_invitation Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the invitation was sent from
accept_invitation This method is deprecated
batch_delete_automation_rules Deletes one or more automation rules
batch_disable_standards Disables the standards specified by the provided StandardsSubscriptionArns
batch_enable_standards Enables the standards specified by the provided StandardsArn
batch_get_automation_rules Retrieves a list of details for automation rules based on rule Amazon Resource Names (ARNs)
batch_get_security_controls Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web Services Region
batch_get_standards_control_associations For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard
batch_import_findings Imports security findings generated by a finding provider into Security Hub
batch_update_automation_rules Updates one or more automation rules based on rule Amazon Resource Names (ARNs) and input parameters
batch_update_findings Used by Security Hub customers to update information about their investigation into a finding
batch_update_standards_control_associations For a batch of security controls and standards, this operation updates the enablement status of a control in a standard
create_action_target Creates a custom action target in Security Hub
create_automation_rule Creates an automation rule based on input parameters
create_finding_aggregator Used to enable finding aggregation
create_insight Creates a custom insight in Security Hub
create_members Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the administrator account
decline_invitations Declines invitations to become a member account
delete_action_target Deletes a custom action target from Security Hub
delete_finding_aggregator Deletes a finding aggregator
delete_insight Deletes the insight specified by the InsightArn
delete_invitations Deletes invitations received by the Amazon Web Services account to become a member account
delete_members Deletes the specified member accounts from Security Hub
describe_action_targets Returns a list of the custom action targets in Security Hub in your account
describe_hub Returns details about the Hub resource in your account, including the HubArn and the time when you enabled Security Hub
describe_organization_configuration Returns information about the Organizations configuration for Security Hub
describe_products Returns information about product integrations in Security Hub
describe_standards Returns a list of the available standards in Security Hub
describe_standards_controls Returns a list of security standards controls
disable_import_findings_for_product Disables the integration of the specified product with Security Hub
disable_organization_admin_account Disables a Security Hub administrator account
disable_security_hub Disables Security Hub in your account only in the current Amazon Web Services Region
disassociate_from_administrator_account Disassociates the current Security Hub member account from the associated administrator account
disassociate_from_master_account This method is deprecated
disassociate_members Disassociates the specified member accounts from the associated administrator account
enable_import_findings_for_product Enables the integration of a partner product with Security Hub
enable_organization_admin_account Designates the Security Hub administrator account for an organization
enable_security_hub Enables Security Hub for your account in the current Region or the Region you specify in the request
get_administrator_account Provides the details for the Security Hub administrator account for the current member account
get_enabled_standards Returns a list of the standards that are currently enabled
get_finding_aggregator Returns the current finding aggregation configuration
get_finding_history Returns history for a Security Hub finding in the last 90 days
get_findings Returns a list of findings that match the specified criteria
get_insight_results Lists the results of the Security Hub insight specified by the insight ARN
get_insights Lists and describes insights for the specified insight ARNs
get_invitations_count Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation
get_master_account This method is deprecated
get_members Returns the details for the Security Hub member accounts for the specified account IDs
invite_members Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account that the invitation is sent from
list_automation_rules A list of automation rules and their metadata for the calling account
list_enabled_products_for_import Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security Hub
list_finding_aggregators If finding aggregation is enabled, then ListFindingAggregators returns the ARN of the finding aggregator
list_invitations Lists all Security Hub membership invitations that were sent to the current Amazon Web Services account
list_members Lists details about all member accounts for the current Security Hub administrator account
list_organization_admin_accounts Lists the Security Hub administrator accounts
list_security_control_definitions Lists all of the security controls that apply to a specified standard
list_standards_control_associations Specifies whether a control is currently enabled or disabled in each enabled standard in the calling account
list_tags_for_resource Returns a list of tags associated with a resource
tag_resource Adds one or more tags to a resource
untag_resource Removes one or more tags from a resource
update_action_target Updates the name and description of a custom action target in Security Hub
update_finding_aggregator Updates the finding aggregation configuration
update_findings UpdateFindings is deprecated
update_insight Updates the Security Hub insight identified by the specified insight ARN
update_organization_configuration Used to update the configuration related to Organizations
update_security_hub_configuration Updates configuration options for Security Hub
update_standards_control Used to control whether an individual security standard control is enabled or disabled
Examples
## Not run:
svc <- securityhub()
# The following example demonstrates how an account can accept an
# invitation from the Security Hub administrator account to be a member
# account. This operation is applicable only to member accounts that are
# not added through AWS Organizations.
svc$accept_administrator_invitation(
AdministratorId = "123456789012",
InvitationId = "7ab938c5d52d7904ad09f9e7c20cc4eb"
)
## End(Not run)
paws.security.identity documentation built on Sept. 12, 2023, 1:10 a.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
View source: R/securityhub_service.R
| securityhub | R Documentation |
AWS SecurityHub
Description
Security Hub provides you with a comprehensive view of the security state of your Amazon Web Services environment and resources. It also provides you with the readiness status of your environment based on controls from supported security standards. Security Hub collects security data from Amazon Web Services accounts, services, and integrated third-party products and helps you analyze security trends in your environment to identify the highest priority security issues. For more information about Security Hub, see the Security Hub User Guide .
When you use operations in the Security Hub API, the requests are executed only in the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change that results from the operation is applied only to that Region. To make the same change in other Regions, run the same command for each Region in which you want to apply the change.
For example, if your Region is set to us-west-2, when you use
create_members to add a member account
to Security Hub, the association of the member account with the
administrator account is created only in the us-west-2 Region.
Security Hub must be enabled for the member account in the same Region
that the invitation was sent from.
The following throttling limits apply to using Security Hub API operations.
-
batch_enable_standards-RateLimitof 1 request per second.BurstLimitof 1 request per second. -
get_findings-RateLimitof 3 requests per second.BurstLimitof 6 requests per second. -
batch_import_findings-RateLimitof 10 requests per second.BurstLimitof 30 requests per second. -
batch_update_findings-RateLimitof 10 requests per second.BurstLimitof 30 requests per second. -
update_standards_control-RateLimitof 1 request per second.BurstLimitof 5 requests per second. All other operations -
RateLimitof 10 requests per second.BurstLimitof 30 requests per second.
Usage
securityhub(
config = list(),
credentials = list(),
endpoint = NULL,
region = NULL
)
Arguments
config |
Optional configuration of credentials, endpoint, and/or region.
|
credentials |
Optional credentials shorthand for the config parameter
|
endpoint |
Optional shorthand for complete URL to use for the constructed client. |
region |
Optional shorthand for AWS Region used in instantiating the client. |
Value
A client for the service. You can call the service's operations using
syntax like svc$operation(...), where svc is the name you've assigned
to the client. The available operations are listed in the
Operations section.
Service syntax
svc <- securityhub(
config = list(
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string",
close_connection = "logical",
timeout = "numeric",
s3_force_path_style = "logical",
sts_regional_endpoint = "string"
),
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string"
)
Operations
| accept_administrator_invitation | Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the invitation was sent from |
| accept_invitation | This method is deprecated |
| batch_delete_automation_rules | Deletes one or more automation rules |
| batch_disable_standards | Disables the standards specified by the provided StandardsSubscriptionArns |
| batch_enable_standards | Enables the standards specified by the provided StandardsArn |
| batch_get_automation_rules | Retrieves a list of details for automation rules based on rule Amazon Resource Names (ARNs) |
| batch_get_security_controls | Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web Services Region |
| batch_get_standards_control_associations | For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard |
| batch_import_findings | Imports security findings generated by a finding provider into Security Hub |
| batch_update_automation_rules | Updates one or more automation rules based on rule Amazon Resource Names (ARNs) and input parameters |
| batch_update_findings | Used by Security Hub customers to update information about their investigation into a finding |
| batch_update_standards_control_associations | For a batch of security controls and standards, this operation updates the enablement status of a control in a standard |
| create_action_target | Creates a custom action target in Security Hub |
| create_automation_rule | Creates an automation rule based on input parameters |
| create_finding_aggregator | Used to enable finding aggregation |
| create_insight | Creates a custom insight in Security Hub |
| create_members | Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the administrator account |
| decline_invitations | Declines invitations to become a member account |
| delete_action_target | Deletes a custom action target from Security Hub |
| delete_finding_aggregator | Deletes a finding aggregator |
| delete_insight | Deletes the insight specified by the InsightArn |
| delete_invitations | Deletes invitations received by the Amazon Web Services account to become a member account |
| delete_members | Deletes the specified member accounts from Security Hub |
| describe_action_targets | Returns a list of the custom action targets in Security Hub in your account |
| describe_hub | Returns details about the Hub resource in your account, including the HubArn and the time when you enabled Security Hub |
| describe_organization_configuration | Returns information about the Organizations configuration for Security Hub |
| describe_products | Returns information about product integrations in Security Hub |
| describe_standards | Returns a list of the available standards in Security Hub |
| describe_standards_controls | Returns a list of security standards controls |
| disable_import_findings_for_product | Disables the integration of the specified product with Security Hub |
| disable_organization_admin_account | Disables a Security Hub administrator account |
| disable_security_hub | Disables Security Hub in your account only in the current Amazon Web Services Region |
| disassociate_from_administrator_account | Disassociates the current Security Hub member account from the associated administrator account |
| disassociate_from_master_account | This method is deprecated |
| disassociate_members | Disassociates the specified member accounts from the associated administrator account |
| enable_import_findings_for_product | Enables the integration of a partner product with Security Hub |
| enable_organization_admin_account | Designates the Security Hub administrator account for an organization |
| enable_security_hub | Enables Security Hub for your account in the current Region or the Region you specify in the request |
| get_administrator_account | Provides the details for the Security Hub administrator account for the current member account |
| get_enabled_standards | Returns a list of the standards that are currently enabled |
| get_finding_aggregator | Returns the current finding aggregation configuration |
| get_finding_history | Returns history for a Security Hub finding in the last 90 days |
| get_findings | Returns a list of findings that match the specified criteria |
| get_insight_results | Lists the results of the Security Hub insight specified by the insight ARN |
| get_insights | Lists and describes insights for the specified insight ARNs |
| get_invitations_count | Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation |
| get_master_account | This method is deprecated |
| get_members | Returns the details for the Security Hub member accounts for the specified account IDs |
| invite_members | Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account that the invitation is sent from |
| list_automation_rules | A list of automation rules and their metadata for the calling account |
| list_enabled_products_for_import | Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security Hub |
| list_finding_aggregators | If finding aggregation is enabled, then ListFindingAggregators returns the ARN of the finding aggregator |
| list_invitations | Lists all Security Hub membership invitations that were sent to the current Amazon Web Services account |
| list_members | Lists details about all member accounts for the current Security Hub administrator account |
| list_organization_admin_accounts | Lists the Security Hub administrator accounts |
| list_security_control_definitions | Lists all of the security controls that apply to a specified standard |
| list_standards_control_associations | Specifies whether a control is currently enabled or disabled in each enabled standard in the calling account |
| list_tags_for_resource | Returns a list of tags associated with a resource |
| tag_resource | Adds one or more tags to a resource |
| untag_resource | Removes one or more tags from a resource |
| update_action_target | Updates the name and description of a custom action target in Security Hub |
| update_finding_aggregator | Updates the finding aggregation configuration |
| update_findings | UpdateFindings is deprecated |
| update_insight | Updates the Security Hub insight identified by the specified insight ARN |
| update_organization_configuration | Used to update the configuration related to Organizations |
| update_security_hub_configuration | Updates configuration options for Security Hub |
| update_standards_control | Used to control whether an individual security standard control is enabled or disabled |
Examples
## Not run:
svc <- securityhub()
# The following example demonstrates how an account can accept an
# invitation from the Security Hub administrator account to be a member
# account. This operation is applicable only to member accounts that are
# not added through AWS Organizations.
svc$accept_administrator_invitation(
AdministratorId = "123456789012",
InvitationId = "7ab938c5d52d7904ad09f9e7c20cc4eb"
)
## End(Not run)
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.