com.amazonaws.services.securityhub.AWSSecurityHubClient Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aws-java-sdk-securityhub Show documentation
Show all versions of aws-java-sdk-securityhub Show documentation
The AWS Java SDK for AWS SecurityHub module holds the client classes that are used for communicating with AWS SecurityHub Service
/*
* Copyright 2018-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.securityhub;
import org.w3c.dom.*;
import java.net.*;
import java.util.*;
import javax.annotation.Generated;
import org.apache.commons.logging.*;
import com.amazonaws.*;
import com.amazonaws.annotation.SdkInternalApi;
import com.amazonaws.auth.*;
import com.amazonaws.handlers.*;
import com.amazonaws.http.*;
import com.amazonaws.internal.*;
import com.amazonaws.internal.auth.*;
import com.amazonaws.metrics.*;
import com.amazonaws.regions.*;
import com.amazonaws.transform.*;
import com.amazonaws.util.*;
import com.amazonaws.protocol.json.*;
import com.amazonaws.util.AWSRequestMetrics.Field;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.client.AwsSyncClientParams;
import com.amazonaws.client.builder.AdvancedConfig;
import com.amazonaws.services.securityhub.AWSSecurityHubClientBuilder;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.securityhub.model.*;
import com.amazonaws.services.securityhub.model.transform.*;
/**
* Client for accessing AWS SecurityHub. All service calls made using this client are blocking, and will not return
* until the service call completes.
*
*
* Security Hub provides you with a comprehensive view of the security state of your Amazon Web Services environment and
* resources. It also provides you with the readiness status of your environment based on controls from supported
* security standards. Security Hub collects security data from Amazon Web Services accounts, services, and integrated
* third-party products and helps you analyze security trends in your environment to identify the highest priority
* security issues. For more information about Security Hub, see the Security HubUser Guide.
*
*
* When you use operations in the Security Hub API, the requests are executed only in the Amazon Web Services Region
* that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any
* configuration or settings change that results from the operation is applied only to that Region. To make the same
* change in other Regions, run the same command for each Region in which you want to apply the change.
*
*
* For example, if your Region is set to us-west-2, when you use CreateMembers to add a member
* account to Security Hub, the association of the member account with the administrator account is created only in the
* us-west-2 Region. Security Hub must be enabled for the member account in the same Region that the
* invitation was sent from.
*
*
* The following throttling limits apply to using Security Hub API operations.
*
*
* -
*
* BatchEnableStandards - RateLimit of 1 request per second. BurstLimit of 1
* request per second.
*
*
* -
*
* GetFindings - RateLimit of 3 requests per second. BurstLimit of 6 requests per
* second.
*
*
* -
*
* BatchImportFindings - RateLimit of 10 requests per second. BurstLimit of 30
* requests per second.
*
*
* -
*
* BatchUpdateFindings - RateLimit of 10 requests per second. BurstLimit of 30
* requests per second.
*
*
* -
*
* UpdateStandardsControl - RateLimit of 1 request per second. BurstLimit of 5
* requests per second.
*
*
* -
*
* All other operations - RateLimit of 10 requests per second. BurstLimit of 30 requests per
* second.
*
*
*
*/
@ThreadSafe
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class AWSSecurityHubClient extends AmazonWebServiceClient implements AWSSecurityHub {
/** Provider for AWS credentials. */
private final AWSCredentialsProvider awsCredentialsProvider;
private static final Log log = LogFactory.getLog(AWSSecurityHub.class);
/** Default signing name for the service. */
private static final String DEFAULT_SIGNING_NAME = "securityhub";
/** Client configuration factory providing ClientConfigurations tailored to this client */
protected static final ClientConfigurationFactory configFactory = new ClientConfigurationFactory();
private final AdvancedConfig advancedConfig;
private static final com.amazonaws.protocol.json.SdkJsonProtocolFactory protocolFactory = new com.amazonaws.protocol.json.SdkJsonProtocolFactory(
new JsonClientMetadata()
.withProtocolVersion("1.1")
.withSupportsCbor(false)
.withSupportsIon(false)
.withContentTypeOverride("application/json")
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("LimitExceededException").withExceptionUnmarshaller(
com.amazonaws.services.securityhub.model.transform.LimitExceededExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InvalidInputException").withExceptionUnmarshaller(
com.amazonaws.services.securityhub.model.transform.InvalidInputExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InvalidAccessException").withExceptionUnmarshaller(
com.amazonaws.services.securityhub.model.transform.InvalidAccessExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ResourceNotFoundException").withExceptionUnmarshaller(
com.amazonaws.services.securityhub.model.transform.ResourceNotFoundExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ResourceConflictException").withExceptionUnmarshaller(
com.amazonaws.services.securityhub.model.transform.ResourceConflictExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InternalException").withExceptionUnmarshaller(
com.amazonaws.services.securityhub.model.transform.InternalExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("AccessDeniedException").withExceptionUnmarshaller(
com.amazonaws.services.securityhub.model.transform.AccessDeniedExceptionUnmarshaller.getInstance()))
.withBaseServiceExceptionClass(com.amazonaws.services.securityhub.model.AWSSecurityHubException.class));
public static AWSSecurityHubClientBuilder builder() {
return AWSSecurityHubClientBuilder.standard();
}
/**
* Constructs a new client to invoke service methods on AWS SecurityHub using the specified parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AWSSecurityHubClient(AwsSyncClientParams clientParams) {
this(clientParams, false);
}
/**
* Constructs a new client to invoke service methods on AWS SecurityHub using the specified parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AWSSecurityHubClient(AwsSyncClientParams clientParams, boolean endpointDiscoveryEnabled) {
super(clientParams);
this.awsCredentialsProvider = clientParams.getCredentialsProvider();
this.advancedConfig = clientParams.getAdvancedConfig();
init();
}
private void init() {
setServiceNameIntern(DEFAULT_SIGNING_NAME);
setEndpointPrefix(ENDPOINT_PREFIX);
// calling this.setEndPoint(...) will also modify the signer accordingly
setEndpoint("securityhub.us-east-1.amazonaws.com");
HandlerChainFactory chainFactory = new HandlerChainFactory();
requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com/amazonaws/services/securityhub/request.handlers"));
requestHandler2s.addAll(chainFactory.newRequestHandler2Chain("/com/amazonaws/services/securityhub/request.handler2s"));
requestHandler2s.addAll(chainFactory.getGlobalHandlers());
}
/**
*
* Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the
* invitation was sent from.
*
*
* This operation is only used by member accounts that are not added through Organizations.
*
*
* When the member account accepts the invitation, permission is granted to the administrator account to view
* findings generated in the member account.
*
*
* @param acceptAdministratorInvitationRequest
* @return Result of the AcceptAdministratorInvitation operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @sample AWSSecurityHub.AcceptAdministratorInvitation
* @see AWS API Documentation
*/
@Override
public AcceptAdministratorInvitationResult acceptAdministratorInvitation(AcceptAdministratorInvitationRequest request) {
request = beforeClientExecution(request);
return executeAcceptAdministratorInvitation(request);
}
@SdkInternalApi
final AcceptAdministratorInvitationResult executeAcceptAdministratorInvitation(AcceptAdministratorInvitationRequest acceptAdministratorInvitationRequest) {
ExecutionContext executionContext = createExecutionContext(acceptAdministratorInvitationRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AcceptAdministratorInvitationRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(acceptAdministratorInvitationRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "AcceptAdministratorInvitation");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new AcceptAdministratorInvitationResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* This method is deprecated. Instead, use AcceptAdministratorInvitation.
*
*
* The Security Hub console continues to use AcceptInvitation. It will eventually change to use
* AcceptAdministratorInvitation. Any IAM policies that specifically control access to this function
* must continue to use AcceptInvitation. You should also add
* AcceptAdministratorInvitation to your policies to ensure that the correct permissions are in place
* after the console begins to use AcceptAdministratorInvitation.
*
*
* Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the
* invitation was sent from.
*
*
* This operation is only used by member accounts that are not added through Organizations.
*
*
* When the member account accepts the invitation, permission is granted to the administrator account to view
* findings generated in the member account.
*
*
* @param acceptInvitationRequest
* @return Result of the AcceptInvitation operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @sample AWSSecurityHub.AcceptInvitation
* @see AWS
* API Documentation
*/
@Override
@Deprecated
public AcceptInvitationResult acceptInvitation(AcceptInvitationRequest request) {
request = beforeClientExecution(request);
return executeAcceptInvitation(request);
}
@SdkInternalApi
final AcceptInvitationResult executeAcceptInvitation(AcceptInvitationRequest acceptInvitationRequest) {
ExecutionContext executionContext = createExecutionContext(acceptInvitationRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AcceptInvitationRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(acceptInvitationRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "AcceptInvitation");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new AcceptInvitationResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Disables the standards specified by the provided StandardsSubscriptionArns.
*
*
* For more information, see Security Standards
* section of the Security Hub User Guide.
*
*
* @param batchDisableStandardsRequest
* @return Result of the BatchDisableStandards operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.BatchDisableStandards
* @see AWS API Documentation
*/
@Override
public BatchDisableStandardsResult batchDisableStandards(BatchDisableStandardsRequest request) {
request = beforeClientExecution(request);
return executeBatchDisableStandards(request);
}
@SdkInternalApi
final BatchDisableStandardsResult executeBatchDisableStandards(BatchDisableStandardsRequest batchDisableStandardsRequest) {
ExecutionContext executionContext = createExecutionContext(batchDisableStandardsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new BatchDisableStandardsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(batchDisableStandardsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchDisableStandards");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory
.createResponseHandler(new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new BatchDisableStandardsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Enables the standards specified by the provided StandardsArn. To obtain the ARN for a standard, use
* the DescribeStandards operation.
*
*
* For more information, see the Security Standards
* section of the Security Hub User Guide.
*
*
* @param batchEnableStandardsRequest
* @return Result of the BatchEnableStandards operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.BatchEnableStandards
* @see AWS API Documentation
*/
@Override
public BatchEnableStandardsResult batchEnableStandards(BatchEnableStandardsRequest request) {
request = beforeClientExecution(request);
return executeBatchEnableStandards(request);
}
@SdkInternalApi
final BatchEnableStandardsResult executeBatchEnableStandards(BatchEnableStandardsRequest batchEnableStandardsRequest) {
ExecutionContext executionContext = createExecutionContext(batchEnableStandardsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new BatchEnableStandardsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(batchEnableStandardsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchEnableStandards");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchEnableStandardsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web
* Services Region.
*
*
* @param batchGetSecurityControlsRequest
* @return Result of the BatchGetSecurityControls operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @sample AWSSecurityHub.BatchGetSecurityControls
* @see AWS API Documentation
*/
@Override
public BatchGetSecurityControlsResult batchGetSecurityControls(BatchGetSecurityControlsRequest request) {
request = beforeClientExecution(request);
return executeBatchGetSecurityControls(request);
}
@SdkInternalApi
final BatchGetSecurityControlsResult executeBatchGetSecurityControls(BatchGetSecurityControlsRequest batchGetSecurityControlsRequest) {
ExecutionContext executionContext = createExecutionContext(batchGetSecurityControlsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new BatchGetSecurityControlsRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(batchGetSecurityControlsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchGetSecurityControls");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new BatchGetSecurityControlsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* For a batch of security controls and standards, identifies whether each control is currently enabled or disabled
* in a standard.
*
*
* @param batchGetStandardsControlAssociationsRequest
* @return Result of the BatchGetStandardsControlAssociations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @sample AWSSecurityHub.BatchGetStandardsControlAssociations
* @see AWS API Documentation
*/
@Override
public BatchGetStandardsControlAssociationsResult batchGetStandardsControlAssociations(BatchGetStandardsControlAssociationsRequest request) {
request = beforeClientExecution(request);
return executeBatchGetStandardsControlAssociations(request);
}
@SdkInternalApi
final BatchGetStandardsControlAssociationsResult executeBatchGetStandardsControlAssociations(
BatchGetStandardsControlAssociationsRequest batchGetStandardsControlAssociationsRequest) {
ExecutionContext executionContext = createExecutionContext(batchGetStandardsControlAssociationsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new BatchGetStandardsControlAssociationsRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(batchGetStandardsControlAssociationsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchGetStandardsControlAssociations");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new BatchGetStandardsControlAssociationsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Imports security findings generated by a finding provider into Security Hub. This action is requested by the
* finding provider to import its findings into Security Hub.
*
*
* BatchImportFindings must be called by one of the following:
*
*
* -
*
* The Amazon Web Services account that is associated with a finding if you are using the default product ARN or are a partner sending findings from within a customer's Amazon Web Services account.
* In these cases, the identifier of the account that you are calling BatchImportFindings from needs to
* be the same as the AwsAccountId attribute for the finding.
*
*
* -
*
* An Amazon Web Services account that Security Hub has allow-listed for an official partner integration. In this
* case, you can call BatchImportFindings from the allow-listed account and send findings from
* different customer accounts in the same batch.
*
*
*
*
* The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.
*
*
* After a finding is created, BatchImportFindings cannot be used to update the following finding
* fields and objects, which Security Hub customers use to manage their investigation workflow.
*
*
* -
*
* Note
*
*
* -
*
* UserDefinedFields
*
*
* -
*
* VerificationState
*
*
* -
*
* Workflow
*
*
*
*
* Finding providers also should not use BatchImportFindings to update the following attributes.
*
*
* -
*
* Confidence
*
*
* -
*
* Criticality
*
*
* -
*
* RelatedFindings
*
*
* -
*
* Severity
*
*
* -
*
* Types
*
*
*
*
* Instead, finding providers use FindingProviderFields to provide values for these attributes.
*
*
* @param batchImportFindingsRequest
* @return Result of the BatchImportFindings operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @sample AWSSecurityHub.BatchImportFindings
* @see AWS API Documentation
*/
@Override
public BatchImportFindingsResult batchImportFindings(BatchImportFindingsRequest request) {
request = beforeClientExecution(request);
return executeBatchImportFindings(request);
}
@SdkInternalApi
final BatchImportFindingsResult executeBatchImportFindings(BatchImportFindingsRequest batchImportFindingsRequest) {
ExecutionContext executionContext = createExecutionContext(batchImportFindingsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new BatchImportFindingsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(batchImportFindingsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchImportFindings");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchImportFindingsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Used by Security Hub customers to update information about their investigation into a finding. Requested by
* administrator accounts or member accounts. Administrator accounts can update findings for their account and their
* member accounts. Member accounts can update findings for their account.
*
*
* Updates from BatchUpdateFindings do not affect the value of UpdatedAt for a finding.
*
*
* Administrator and member accounts can use BatchUpdateFindings to update the following finding fields
* and objects.
*
*
* -
*
* Confidence
*
*
* -
*
* Criticality
*
*
* -
*
* Note
*
*
* -
*
* RelatedFindings
*
*
* -
*
* Severity
*
*
* -
*
* Types
*
*
* -
*
* UserDefinedFields
*
*
* -
*
* VerificationState
*
*
* -
*
* Workflow
*
*
*
*
* You can configure IAM policies to restrict access to fields and field values. For example, you might not want
* member accounts to be able to suppress findings or change the finding severity. See Configuring access to BatchUpdateFindings in the Security Hub User Guide.
*
*
* @param batchUpdateFindingsRequest
* @return Result of the BatchUpdateFindings operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @sample AWSSecurityHub.BatchUpdateFindings
* @see AWS API Documentation
*/
@Override
public BatchUpdateFindingsResult batchUpdateFindings(BatchUpdateFindingsRequest request) {
request = beforeClientExecution(request);
return executeBatchUpdateFindings(request);
}
@SdkInternalApi
final BatchUpdateFindingsResult executeBatchUpdateFindings(BatchUpdateFindingsRequest batchUpdateFindingsRequest) {
ExecutionContext executionContext = createExecutionContext(batchUpdateFindingsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new BatchUpdateFindingsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(batchUpdateFindingsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchUpdateFindings");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchUpdateFindingsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* For a batch of security controls and standards, this operation updates the enablement status of a control in a
* standard.
*
*
* @param batchUpdateStandardsControlAssociationsRequest
* @return Result of the BatchUpdateStandardsControlAssociations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @sample AWSSecurityHub.BatchUpdateStandardsControlAssociations
* @see AWS API Documentation
*/
@Override
public BatchUpdateStandardsControlAssociationsResult batchUpdateStandardsControlAssociations(BatchUpdateStandardsControlAssociationsRequest request) {
request = beforeClientExecution(request);
return executeBatchUpdateStandardsControlAssociations(request);
}
@SdkInternalApi
final BatchUpdateStandardsControlAssociationsResult executeBatchUpdateStandardsControlAssociations(
BatchUpdateStandardsControlAssociationsRequest batchUpdateStandardsControlAssociationsRequest) {
ExecutionContext executionContext = createExecutionContext(batchUpdateStandardsControlAssociationsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new BatchUpdateStandardsControlAssociationsRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(batchUpdateStandardsControlAssociationsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchUpdateStandardsControlAssociations");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory
.createResponseHandler(new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new BatchUpdateStandardsControlAssociationsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a custom action target in Security Hub.
*
*
* You can use custom actions on findings and insights in Security Hub to trigger target actions in Amazon
* CloudWatch Events.
*
*
* @param createActionTargetRequest
* @return Result of the CreateActionTarget operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @sample AWSSecurityHub.CreateActionTarget
* @see AWS
* API Documentation
*/
@Override
public CreateActionTargetResult createActionTarget(CreateActionTargetRequest request) {
request = beforeClientExecution(request);
return executeCreateActionTarget(request);
}
@SdkInternalApi
final CreateActionTargetResult executeCreateActionTarget(CreateActionTargetRequest createActionTargetRequest) {
ExecutionContext executionContext = createExecutionContext(createActionTargetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateActionTargetRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createActionTargetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateActionTarget");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateActionTargetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Used to enable finding aggregation. Must be called from the aggregation Region.
*
*
* For more details about cross-Region replication, see Configuring finding
* aggregation in the Security Hub User Guide.
*
*
* @param createFindingAggregatorRequest
* @return Result of the CreateFindingAggregator operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws AccessDeniedException
* You don't have permission to perform the action specified in the request.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @sample AWSSecurityHub.CreateFindingAggregator
* @see AWS API Documentation
*/
@Override
public CreateFindingAggregatorResult createFindingAggregator(CreateFindingAggregatorRequest request) {
request = beforeClientExecution(request);
return executeCreateFindingAggregator(request);
}
@SdkInternalApi
final CreateFindingAggregatorResult executeCreateFindingAggregator(CreateFindingAggregatorRequest createFindingAggregatorRequest) {
ExecutionContext executionContext = createExecutionContext(createFindingAggregatorRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateFindingAggregatorRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(createFindingAggregatorRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateFindingAggregator");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new CreateFindingAggregatorResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security
* issue that requires attention or remediation.
*
*
* To group the related findings in the insight, use the GroupByAttribute.
*
*
* @param createInsightRequest
* @return Result of the CreateInsight operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @sample AWSSecurityHub.CreateInsight
* @see AWS API
* Documentation
*/
@Override
public CreateInsightResult createInsight(CreateInsightRequest request) {
request = beforeClientExecution(request);
return executeCreateInsight(request);
}
@SdkInternalApi
final CreateInsightResult executeCreateInsight(CreateInsightRequest createInsightRequest) {
ExecutionContext executionContext = createExecutionContext(createInsightRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateInsightRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createInsightRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateInsight");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateInsightResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a member association in Security Hub between the specified accounts and the account used to make the
* request, which is the administrator account. If you are integrated with Organizations, then the administrator
* account is designated by the organization management account.
*
*
* CreateMembers is always used to add accounts that are not organization members.
*
*
* For accounts that are managed using Organizations, CreateMembers is only used in the following
* cases:
*
*
* -
*
* Security Hub is not configured to automatically add new organization accounts.
*
*
* -
*
* The account was disassociated or deleted in Security Hub.
*
*
*
*
* This action can only be used by an account that has Security Hub enabled. To enable Security Hub, you can use the
* EnableSecurityHub operation.
*
*
* For accounts that are not organization members, you create the account association and then send an invitation to
* the member account. To send the invitation, you use the InviteMembers operation. If the account
* owner accepts the invitation, the account becomes a member account in Security Hub.
*
*
* Accounts that are managed using Organizations do not receive an invitation. They automatically become a member
* account in Security Hub.
*
*
* -
*
* If the organization account does not have Security Hub enabled, then Security Hub and the default standards are
* automatically enabled. Note that Security Hub cannot be enabled automatically for the organization management
* account. The organization management account must enable Security Hub before the administrator account enables it
* as a member account.
*
*
* -
*
* For organization accounts that already have Security Hub enabled, Security Hub does not make any other changes to
* those accounts. It does not change their enabled standards or controls.
*
*
*
*
* A permissions policy is added that permits the administrator account to view the findings generated in the member
* account.
*
*
* To remove the association between the administrator and member accounts, use the
* DisassociateFromMasterAccount or DisassociateMembers operation.
*
*
* @param createMembersRequest
* @return Result of the CreateMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @sample AWSSecurityHub.CreateMembers
* @see AWS API
* Documentation
*/
@Override
public CreateMembersResult createMembers(CreateMembersRequest request) {
request = beforeClientExecution(request);
return executeCreateMembers(request);
}
@SdkInternalApi
final CreateMembersResult executeCreateMembers(CreateMembersRequest createMembersRequest) {
ExecutionContext executionContext = createExecutionContext(createMembersRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createMembersRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateMembers");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateMembersResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Declines invitations to become a member account.
*
*
* A prospective member account uses this operation to decline an invitation to become a member.
*
*
* This operation is only called by member accounts that aren't part of an organization. Organization accounts don't
* receive invitations.
*
*
* @param declineInvitationsRequest
* @return Result of the DeclineInvitations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeclineInvitations
* @see AWS
* API Documentation
*/
@Override
public DeclineInvitationsResult declineInvitations(DeclineInvitationsRequest request) {
request = beforeClientExecution(request);
return executeDeclineInvitations(request);
}
@SdkInternalApi
final DeclineInvitationsResult executeDeclineInvitations(DeclineInvitationsRequest declineInvitationsRequest) {
ExecutionContext executionContext = createExecutionContext(declineInvitationsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeclineInvitationsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(declineInvitationsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeclineInvitations");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeclineInvitationsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes a custom action target from Security Hub.
*
*
* Deleting a custom action target does not affect any findings or insights that were already sent to Amazon
* CloudWatch Events using the custom action.
*
*
* @param deleteActionTargetRequest
* @return Result of the DeleteActionTarget operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeleteActionTarget
* @see AWS
* API Documentation
*/
@Override
public DeleteActionTargetResult deleteActionTarget(DeleteActionTargetRequest request) {
request = beforeClientExecution(request);
return executeDeleteActionTarget(request);
}
@SdkInternalApi
final DeleteActionTargetResult executeDeleteActionTarget(DeleteActionTargetRequest deleteActionTargetRequest) {
ExecutionContext executionContext = createExecutionContext(deleteActionTargetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteActionTargetRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteActionTargetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteActionTarget");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteActionTargetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes a finding aggregator. When you delete the finding aggregator, you stop finding aggregation.
*
*
* When you stop finding aggregation, findings that were already aggregated to the aggregation Region are still
* visible from the aggregation Region. New findings and finding updates are not aggregated.
*
*
* @param deleteFindingAggregatorRequest
* @return Result of the DeleteFindingAggregator operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws AccessDeniedException
* You don't have permission to perform the action specified in the request.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeleteFindingAggregator
* @see AWS API Documentation
*/
@Override
public DeleteFindingAggregatorResult deleteFindingAggregator(DeleteFindingAggregatorRequest request) {
request = beforeClientExecution(request);
return executeDeleteFindingAggregator(request);
}
@SdkInternalApi
final DeleteFindingAggregatorResult executeDeleteFindingAggregator(DeleteFindingAggregatorRequest deleteFindingAggregatorRequest) {
ExecutionContext executionContext = createExecutionContext(deleteFindingAggregatorRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteFindingAggregatorRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(deleteFindingAggregatorRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteFindingAggregator");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DeleteFindingAggregatorResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the insight specified by the InsightArn.
*
*
* @param deleteInsightRequest
* @return Result of the DeleteInsight operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeleteInsight
* @see AWS API
* Documentation
*/
@Override
public DeleteInsightResult deleteInsight(DeleteInsightRequest request) {
request = beforeClientExecution(request);
return executeDeleteInsight(request);
}
@SdkInternalApi
final DeleteInsightResult executeDeleteInsight(DeleteInsightRequest deleteInsightRequest) {
ExecutionContext executionContext = createExecutionContext(deleteInsightRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteInsightRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteInsightRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteInsight");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteInsightResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes invitations received by the Amazon Web Services account to become a member account.
*
*
* A Security Hub administrator account can use this operation to delete invitations sent to one or more member
* accounts.
*
*
* This operation is only used to delete invitations that are sent to member accounts that aren't part of an
* organization. Organization accounts don't receive invitations.
*
*
* @param deleteInvitationsRequest
* @return Result of the DeleteInvitations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @sample AWSSecurityHub.DeleteInvitations
* @see AWS
* API Documentation
*/
@Override
public DeleteInvitationsResult deleteInvitations(DeleteInvitationsRequest request) {
request = beforeClientExecution(request);
return executeDeleteInvitations(request);
}
@SdkInternalApi
final DeleteInvitationsResult executeDeleteInvitations(DeleteInvitationsRequest deleteInvitationsRequest) {
ExecutionContext executionContext = createExecutionContext(deleteInvitationsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteInvitationsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteInvitationsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteInvitations");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteInvitationsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified member accounts from Security Hub.
*
*
* Can be used to delete member accounts that belong to an organization as well as member accounts that were invited
* manually.
*
*
* @param deleteMembersRequest
* @return Result of the DeleteMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeleteMembers
* @see AWS API
* Documentation
*/
@Override
public DeleteMembersResult deleteMembers(DeleteMembersRequest request) {
request = beforeClientExecution(request);
return executeDeleteMembers(request);
}
@SdkInternalApi
final DeleteMembersResult executeDeleteMembers(DeleteMembersRequest deleteMembersRequest) {
ExecutionContext executionContext = createExecutionContext(deleteMembersRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteMembersRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteMembers");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteMembersResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a list of the custom action targets in Security Hub in your account.
*
*
* @param describeActionTargetsRequest
* @return Result of the DescribeActionTargets operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DescribeActionTargets
* @see AWS API Documentation
*/
@Override
public DescribeActionTargetsResult describeActionTargets(DescribeActionTargetsRequest request) {
request = beforeClientExecution(request);
return executeDescribeActionTargets(request);
}
@SdkInternalApi
final DescribeActionTargetsResult executeDescribeActionTargets(DescribeActionTargetsRequest describeActionTargetsRequest) {
ExecutionContext executionContext = createExecutionContext(describeActionTargetsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DescribeActionTargetsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeActionTargetsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeActionTargets");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory
.createResponseHandler(new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DescribeActionTargetsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns details about the Hub resource in your account, including the HubArn and the time when you
* enabled Security Hub.
*
*
* @param describeHubRequest
* @return Result of the DescribeHub operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DescribeHub
* @see AWS API
* Documentation
*/
@Override
public DescribeHubResult describeHub(DescribeHubRequest request) {
request = beforeClientExecution(request);
return executeDescribeHub(request);
}
@SdkInternalApi
final DescribeHubResult executeDescribeHub(DescribeHubRequest describeHubRequest) {
ExecutionContext executionContext = createExecutionContext(describeHubRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DescribeHubRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeHubRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeHub");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeHubResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns information about the Organizations configuration for Security Hub. Can only be called from a Security
* Hub administrator account.
*
*
* @param describeOrganizationConfigurationRequest
* @return Result of the DescribeOrganizationConfiguration operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.DescribeOrganizationConfiguration
* @see AWS API Documentation
*/
@Override
public DescribeOrganizationConfigurationResult describeOrganizationConfiguration(DescribeOrganizationConfigurationRequest request) {
request = beforeClientExecution(request);
return executeDescribeOrganizationConfiguration(request);
}
@SdkInternalApi
final DescribeOrganizationConfigurationResult executeDescribeOrganizationConfiguration(
DescribeOrganizationConfigurationRequest describeOrganizationConfigurationRequest) {
ExecutionContext executionContext = createExecutionContext(describeOrganizationConfigurationRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DescribeOrganizationConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(describeOrganizationConfigurationRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeOrganizationConfiguration");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DescribeOrganizationConfigurationResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns information about product integrations in Security Hub.
*
*
* You can optionally provide an integration ARN. If you provide an integration ARN, then the results only include
* that integration.
*
*
* If you do not provide an integration ARN, then the results include all of the available product integrations.
*
*
* @param describeProductsRequest
* @return Result of the DescribeProducts operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @sample AWSSecurityHub.DescribeProducts
* @see AWS
* API Documentation
*/
@Override
public DescribeProductsResult describeProducts(DescribeProductsRequest request) {
request = beforeClientExecution(request);
return executeDescribeProducts(request);
}
@SdkInternalApi
final DescribeProductsResult executeDescribeProducts(DescribeProductsRequest describeProductsRequest) {
ExecutionContext executionContext = createExecutionContext(describeProductsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DescribeProductsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeProductsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeProducts");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeProductsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a list of the available standards in Security Hub.
*
*
* For each standard, the results include the standard ARN, the name, and a description.
*
*
* @param describeStandardsRequest
* @return Result of the DescribeStandards operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @sample AWSSecurityHub.DescribeStandards
* @see AWS
* API Documentation
*/
@Override
public DescribeStandardsResult describeStandards(DescribeStandardsRequest request) {
request = beforeClientExecution(request);
return executeDescribeStandards(request);
}
@SdkInternalApi
final DescribeStandardsResult executeDescribeStandards(DescribeStandardsRequest describeStandardsRequest) {
ExecutionContext executionContext = createExecutionContext(describeStandardsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DescribeStandardsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeStandardsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeStandards");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeStandardsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a list of security standards controls.
*
*
* For each control, the results include information about whether it is currently enabled, the severity, and a link
* to remediation information.
*
*
* @param describeStandardsControlsRequest
* @return Result of the DescribeStandardsControls operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DescribeStandardsControls
* @see AWS API Documentation
*/
@Override
public DescribeStandardsControlsResult describeStandardsControls(DescribeStandardsControlsRequest request) {
request = beforeClientExecution(request);
return executeDescribeStandardsControls(request);
}
@SdkInternalApi
final DescribeStandardsControlsResult executeDescribeStandardsControls(DescribeStandardsControlsRequest describeStandardsControlsRequest) {
ExecutionContext executionContext = createExecutionContext(describeStandardsControlsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DescribeStandardsControlsRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(describeStandardsControlsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeStandardsControls");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DescribeStandardsControlsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Disables the integration of the specified product with Security Hub. After the integration is disabled, findings
* from that product are no longer sent to Security Hub.
*
*
* @param disableImportFindingsForProductRequest
* @return Result of the DisableImportFindingsForProduct operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.DisableImportFindingsForProduct
* @see AWS API Documentation
*/
@Override
public DisableImportFindingsForProductResult disableImportFindingsForProduct(DisableImportFindingsForProductRequest request) {
request = beforeClientExecution(request);
return executeDisableImportFindingsForProduct(request);
}
@SdkInternalApi
final DisableImportFindingsForProductResult executeDisableImportFindingsForProduct(
DisableImportFindingsForProductRequest disableImportFindingsForProductRequest) {
ExecutionContext executionContext = createExecutionContext(disableImportFindingsForProductRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DisableImportFindingsForProductRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(disableImportFindingsForProductRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisableImportFindingsForProduct");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DisableImportFindingsForProductResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Disables a Security Hub administrator account. Can only be called by the organization management account.
*
*
* @param disableOrganizationAdminAccountRequest
* @return Result of the DisableOrganizationAdminAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.DisableOrganizationAdminAccount
* @see AWS API Documentation
*/
@Override
public DisableOrganizationAdminAccountResult disableOrganizationAdminAccount(DisableOrganizationAdminAccountRequest request) {
request = beforeClientExecution(request);
return executeDisableOrganizationAdminAccount(request);
}
@SdkInternalApi
final DisableOrganizationAdminAccountResult executeDisableOrganizationAdminAccount(
DisableOrganizationAdminAccountRequest disableOrganizationAdminAccountRequest) {
ExecutionContext executionContext = createExecutionContext(disableOrganizationAdminAccountRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DisableOrganizationAdminAccountRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(disableOrganizationAdminAccountRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisableOrganizationAdminAccount");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DisableOrganizationAdminAccountResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Disables Security Hub in your account only in the current Region. To disable Security Hub in all Regions, you
* must submit one request per Region where you have enabled Security Hub.
*
*
* When you disable Security Hub for an administrator account, it doesn't disable Security Hub for any associated
* member accounts.
*
*
* When you disable Security Hub, your existing findings and insights and any Security Hub configuration settings
* are deleted after 90 days and cannot be recovered. Any standards that were enabled are disabled, and your
* administrator and member account associations are removed.
*
*
* If you want to save your existing findings, you must export them before you disable Security Hub.
*
*
* @param disableSecurityHubRequest
* @return Result of the DisableSecurityHub operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DisableSecurityHub
* @see AWS
* API Documentation
*/
@Override
public DisableSecurityHubResult disableSecurityHub(DisableSecurityHubRequest request) {
request = beforeClientExecution(request);
return executeDisableSecurityHub(request);
}
@SdkInternalApi
final DisableSecurityHubResult executeDisableSecurityHub(DisableSecurityHubRequest disableSecurityHubRequest) {
ExecutionContext executionContext = createExecutionContext(disableSecurityHubRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DisableSecurityHubRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(disableSecurityHubRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisableSecurityHub");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisableSecurityHubResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Disassociates the current Security Hub member account from the associated administrator account.
*
*
* This operation is only used by accounts that are not part of an organization. For organization accounts, only the
* administrator account can disassociate a member account.
*
*
* @param disassociateFromAdministratorAccountRequest
* @return Result of the DisassociateFromAdministratorAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DisassociateFromAdministratorAccount
* @see AWS API Documentation
*/
@Override
public DisassociateFromAdministratorAccountResult disassociateFromAdministratorAccount(DisassociateFromAdministratorAccountRequest request) {
request = beforeClientExecution(request);
return executeDisassociateFromAdministratorAccount(request);
}
@SdkInternalApi
final DisassociateFromAdministratorAccountResult executeDisassociateFromAdministratorAccount(
DisassociateFromAdministratorAccountRequest disassociateFromAdministratorAccountRequest) {
ExecutionContext executionContext = createExecutionContext(disassociateFromAdministratorAccountRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DisassociateFromAdministratorAccountRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(disassociateFromAdministratorAccountRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisassociateFromAdministratorAccount");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DisassociateFromAdministratorAccountResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* This method is deprecated. Instead, use DisassociateFromAdministratorAccount.
*
*
* The Security Hub console continues to use DisassociateFromMasterAccount. It will eventually change
* to use DisassociateFromAdministratorAccount. Any IAM policies that specifically control access to
* this function must continue to use DisassociateFromMasterAccount. You should also add
* DisassociateFromAdministratorAccount to your policies to ensure that the correct permissions are in
* place after the console begins to use DisassociateFromAdministratorAccount.
*
*
* Disassociates the current Security Hub member account from the associated administrator account.
*
*
* This operation is only used by accounts that are not part of an organization. For organization accounts, only the
* administrator account can disassociate a member account.
*
*
* @param disassociateFromMasterAccountRequest
* @return Result of the DisassociateFromMasterAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DisassociateFromMasterAccount
* @see AWS API Documentation
*/
@Override
@Deprecated
public DisassociateFromMasterAccountResult disassociateFromMasterAccount(DisassociateFromMasterAccountRequest request) {
request = beforeClientExecution(request);
return executeDisassociateFromMasterAccount(request);
}
@SdkInternalApi
final DisassociateFromMasterAccountResult executeDisassociateFromMasterAccount(DisassociateFromMasterAccountRequest disassociateFromMasterAccountRequest) {
ExecutionContext executionContext = createExecutionContext(disassociateFromMasterAccountRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DisassociateFromMasterAccountRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(disassociateFromMasterAccountRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisassociateFromMasterAccount");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new DisassociateFromMasterAccountResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Disassociates the specified member accounts from the associated administrator account.
*
*
* Can be used to disassociate both accounts that are managed using Organizations and accounts that were invited
* manually.
*
*
* @param disassociateMembersRequest
* @return Result of the DisassociateMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DisassociateMembers
* @see AWS API Documentation
*/
@Override
public DisassociateMembersResult disassociateMembers(DisassociateMembersRequest request) {
request = beforeClientExecution(request);
return executeDisassociateMembers(request);
}
@SdkInternalApi
final DisassociateMembersResult executeDisassociateMembers(DisassociateMembersRequest disassociateMembersRequest) {
ExecutionContext executionContext = createExecutionContext(disassociateMembersRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DisassociateMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(disassociateMembersRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisassociateMembers");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisassociateMembersResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Enables the integration of a partner product with Security Hub. Integrated products send findings to Security
* Hub.
*
*
* When you enable a product integration, a permissions policy that grants permission for the product to send
* findings to Security Hub is applied.
*
*
* @param enableImportFindingsForProductRequest
* @return Result of the EnableImportFindingsForProduct operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.EnableImportFindingsForProduct
* @see AWS API Documentation
*/
@Override
public EnableImportFindingsForProductResult enableImportFindingsForProduct(EnableImportFindingsForProductRequest request) {
request = beforeClientExecution(request);
return executeEnableImportFindingsForProduct(request);
}
@SdkInternalApi
final EnableImportFindingsForProductResult executeEnableImportFindingsForProduct(EnableImportFindingsForProductRequest enableImportFindingsForProductRequest) {
ExecutionContext executionContext = createExecutionContext(enableImportFindingsForProductRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new EnableImportFindingsForProductRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(enableImportFindingsForProductRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "EnableImportFindingsForProduct");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new EnableImportFindingsForProductResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Designates the Security Hub administrator account for an organization. Can only be called by the organization
* management account.
*
*
* @param enableOrganizationAdminAccountRequest
* @return Result of the EnableOrganizationAdminAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.EnableOrganizationAdminAccount
* @see AWS API Documentation
*/
@Override
public EnableOrganizationAdminAccountResult enableOrganizationAdminAccount(EnableOrganizationAdminAccountRequest request) {
request = beforeClientExecution(request);
return executeEnableOrganizationAdminAccount(request);
}
@SdkInternalApi
final EnableOrganizationAdminAccountResult executeEnableOrganizationAdminAccount(EnableOrganizationAdminAccountRequest enableOrganizationAdminAccountRequest) {
ExecutionContext executionContext = createExecutionContext(enableOrganizationAdminAccountRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new EnableOrganizationAdminAccountRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(enableOrganizationAdminAccountRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "EnableOrganizationAdminAccount");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new EnableOrganizationAdminAccountResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Enables Security Hub for your account in the current Region or the Region you specify in the request.
*
*
* When you enable Security Hub, you grant to Security Hub the permissions necessary to gather findings from other
* services that are integrated with Security Hub.
*
*
* When you use the EnableSecurityHub operation to enable Security Hub, you also automatically enable
* the following standards:
*
*
* -
*
* Center for Internet Security (CIS) Amazon Web Services Foundations Benchmark v1.2.0
*
*
* -
*
* Amazon Web Services Foundational Security Best Practices
*
*
*
*
* Other standards are not automatically enabled.
*
*
* To opt out of automatically enabled standards, set EnableDefaultStandards to false.
*
*
* After you enable Security Hub, to enable a standard, use the BatchEnableStandards operation. To
* disable a standard, use the BatchDisableStandards operation.
*
*
* To learn more, see the setup information
* in the Security Hub User Guide.
*
*
* @param enableSecurityHubRequest
* @return Result of the EnableSecurityHub operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @throws AccessDeniedException
* You don't have permission to perform the action specified in the request.
* @sample AWSSecurityHub.EnableSecurityHub
* @see AWS
* API Documentation
*/
@Override
public EnableSecurityHubResult enableSecurityHub(EnableSecurityHubRequest request) {
request = beforeClientExecution(request);
return executeEnableSecurityHub(request);
}
@SdkInternalApi
final EnableSecurityHubResult executeEnableSecurityHub(EnableSecurityHubRequest enableSecurityHubRequest) {
ExecutionContext executionContext = createExecutionContext(enableSecurityHubRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new EnableSecurityHubRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(enableSecurityHubRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "EnableSecurityHub");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new EnableSecurityHubResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Provides the details for the Security Hub administrator account for the current member account.
*
*
* Can be used by both member accounts that are managed using Organizations and accounts that were invited manually.
*
*
* @param getAdministratorAccountRequest
* @return Result of the GetAdministratorAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetAdministratorAccount
* @see AWS API Documentation
*/
@Override
public GetAdministratorAccountResult getAdministratorAccount(GetAdministratorAccountRequest request) {
request = beforeClientExecution(request);
return executeGetAdministratorAccount(request);
}
@SdkInternalApi
final GetAdministratorAccountResult executeGetAdministratorAccount(GetAdministratorAccountRequest getAdministratorAccountRequest) {
ExecutionContext executionContext = createExecutionContext(getAdministratorAccountRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetAdministratorAccountRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(getAdministratorAccountRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetAdministratorAccount");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new GetAdministratorAccountResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a list of the standards that are currently enabled.
*
*
* @param getEnabledStandardsRequest
* @return Result of the GetEnabledStandards operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.GetEnabledStandards
* @see AWS API Documentation
*/
@Override
public GetEnabledStandardsResult getEnabledStandards(GetEnabledStandardsRequest request) {
request = beforeClientExecution(request);
return executeGetEnabledStandards(request);
}
@SdkInternalApi
final GetEnabledStandardsResult executeGetEnabledStandards(GetEnabledStandardsRequest getEnabledStandardsRequest) {
ExecutionContext executionContext = createExecutionContext(getEnabledStandardsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetEnabledStandardsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getEnabledStandardsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetEnabledStandards");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetEnabledStandardsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the current finding aggregation configuration.
*
*
* @param getFindingAggregatorRequest
* @return Result of the GetFindingAggregator operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws AccessDeniedException
* You don't have permission to perform the action specified in the request.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetFindingAggregator
* @see AWS API Documentation
*/
@Override
public GetFindingAggregatorResult getFindingAggregator(GetFindingAggregatorRequest request) {
request = beforeClientExecution(request);
return executeGetFindingAggregator(request);
}
@SdkInternalApi
final GetFindingAggregatorResult executeGetFindingAggregator(GetFindingAggregatorRequest getFindingAggregatorRequest) {
ExecutionContext executionContext = createExecutionContext(getFindingAggregatorRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetFindingAggregatorRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getFindingAggregatorRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetFindingAggregator");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetFindingAggregatorResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns history for a Security Hub finding in the last 90 days. The history includes changes made to any fields
* in the Amazon Web Services Security Finding Format (ASFF).
*
*
* @param getFindingHistoryRequest
* @return Result of the GetFindingHistory operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.GetFindingHistory
* @see AWS
* API Documentation
*/
@Override
public GetFindingHistoryResult getFindingHistory(GetFindingHistoryRequest request) {
request = beforeClientExecution(request);
return executeGetFindingHistory(request);
}
@SdkInternalApi
final GetFindingHistoryResult executeGetFindingHistory(GetFindingHistoryRequest getFindingHistoryRequest) {
ExecutionContext executionContext = createExecutionContext(getFindingHistoryRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetFindingHistoryRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getFindingHistoryRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetFindingHistory");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetFindingHistoryResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a list of findings that match the specified criteria.
*
*
* If finding aggregation is enabled, then when you call GetFindings from the aggregation Region, the
* results include all of the matching findings from both the aggregation Region and the linked Regions.
*
*
* @param getFindingsRequest
* @return Result of the GetFindings operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.GetFindings
* @see AWS API
* Documentation
*/
@Override
public GetFindingsResult getFindings(GetFindingsRequest request) {
request = beforeClientExecution(request);
return executeGetFindings(request);
}
@SdkInternalApi
final GetFindingsResult executeGetFindings(GetFindingsRequest getFindingsRequest) {
ExecutionContext executionContext = createExecutionContext(getFindingsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetFindingsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getFindingsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetFindings");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetFindingsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists the results of the Security Hub insight specified by the insight ARN.
*
*
* @param getInsightResultsRequest
* @return Result of the GetInsightResults operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetInsightResults
* @see AWS
* API Documentation
*/
@Override
public GetInsightResultsResult getInsightResults(GetInsightResultsRequest request) {
request = beforeClientExecution(request);
return executeGetInsightResults(request);
}
@SdkInternalApi
final GetInsightResultsResult executeGetInsightResults(GetInsightResultsRequest getInsightResultsRequest) {
ExecutionContext executionContext = createExecutionContext(getInsightResultsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetInsightResultsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getInsightResultsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetInsightResults");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetInsightResultsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists and describes insights for the specified insight ARNs.
*
*
* @param getInsightsRequest
* @return Result of the GetInsights operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetInsights
* @see AWS API
* Documentation
*/
@Override
public GetInsightsResult getInsights(GetInsightsRequest request) {
request = beforeClientExecution(request);
return executeGetInsights(request);
}
@SdkInternalApi
final GetInsightsResult executeGetInsights(GetInsightsRequest getInsightsRequest) {
ExecutionContext executionContext = createExecutionContext(getInsightsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetInsightsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getInsightsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetInsights");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetInsightsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the count of all Security Hub membership invitations that were sent to the current member account, not
* including the currently accepted invitation.
*
*
* @param getInvitationsCountRequest
* @return Result of the GetInvitationsCount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.GetInvitationsCount
* @see AWS API Documentation
*/
@Override
public GetInvitationsCountResult getInvitationsCount(GetInvitationsCountRequest request) {
request = beforeClientExecution(request);
return executeGetInvitationsCount(request);
}
@SdkInternalApi
final GetInvitationsCountResult executeGetInvitationsCount(GetInvitationsCountRequest getInvitationsCountRequest) {
ExecutionContext executionContext = createExecutionContext(getInvitationsCountRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetInvitationsCountRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getInvitationsCountRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetInvitationsCount");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetInvitationsCountResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* This method is deprecated. Instead, use GetAdministratorAccount.
*
*
* The Security Hub console continues to use GetMasterAccount. It will eventually change to use
* GetAdministratorAccount. Any IAM policies that specifically control access to this function must
* continue to use GetMasterAccount. You should also add GetAdministratorAccount to your
* policies to ensure that the correct permissions are in place after the console begins to use
* GetAdministratorAccount.
*
*
* Provides the details for the Security Hub administrator account for the current member account.
*
*
* Can be used by both member accounts that are managed using Organizations and accounts that were invited manually.
*
*
* @param getMasterAccountRequest
* @return Result of the GetMasterAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetMasterAccount
* @see AWS
* API Documentation
*/
@Override
@Deprecated
public GetMasterAccountResult getMasterAccount(GetMasterAccountRequest request) {
request = beforeClientExecution(request);
return executeGetMasterAccount(request);
}
@SdkInternalApi
final GetMasterAccountResult executeGetMasterAccount(GetMasterAccountRequest getMasterAccountRequest) {
ExecutionContext executionContext = createExecutionContext(getMasterAccountRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetMasterAccountRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getMasterAccountRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetMasterAccount");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetMasterAccountResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the details for the Security Hub member accounts for the specified account IDs.
*
*
* An administrator account can be either the delegated Security Hub administrator account for an organization or an
* administrator account that enabled Security Hub manually.
*
*
* The results include both member accounts that are managed using Organizations and accounts that were invited
* manually.
*
*
* @param getMembersRequest
* @return Result of the GetMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetMembers
* @see AWS API
* Documentation
*/
@Override
public GetMembersResult getMembers(GetMembersRequest request) {
request = beforeClientExecution(request);
return executeGetMembers(request);
}
@SdkInternalApi
final GetMembersResult executeGetMembers(GetMembersRequest getMembersRequest) {
ExecutionContext executionContext = createExecutionContext(getMembersRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getMembersRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetMembers");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata()
.withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetMembersResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account
* that the invitation is sent from.
*
*
* This operation is only used to invite accounts that do not belong to an organization. Organization accounts do
* not receive invitations.
*
*
* Before you can use this action to invite a member, you must first use the CreateMembers action to
* create the member account in Security Hub.
*
*
* When the account owner enables Security Hub and accepts the invitation to become a member account, the
* administrator account can view the findings generated from the member account.
*
*
* @param inviteMembersRequest
* @return Result of the InviteMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.InviteMembers
* @see AWS API
* Documentation
*/
@Override
public InviteMembersResult inviteMembers(InviteMembersRequest request) {
request = beforeClientExecution(request);
return executeInviteMembers(request);
}
@SdkInternalApi
final InviteMembersResult executeInviteMembers(InviteMembersRequest inviteMembersRequest) {
ExecutionContext executionContext = createExecutionContext(inviteMembersRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new InviteMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(inviteMembersRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "InviteMembers");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new InviteMembersResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security
* Hub.
*
*
* @param listEnabledProductsForImportRequest
* @return Result of the ListEnabledProductsForImport operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @sample AWSSecurityHub.ListEnabledProductsForImport
* @see AWS API Documentation
*/
@Override
public ListEnabledProductsForImportResult listEnabledProductsForImport(ListEnabledProductsForImportRequest request) {
request = beforeClientExecution(request);
return executeListEnabledProductsForImport(request);
}
@SdkInternalApi
final ListEnabledProductsForImportResult executeListEnabledProductsForImport(ListEnabledProductsForImportRequest listEnabledProductsForImportRequest) {
ExecutionContext executionContext = createExecutionContext(listEnabledProductsForImportRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListEnabledProductsForImportRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(listEnabledProductsForImportRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListEnabledProductsForImport");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ListEnabledProductsForImportResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* If finding aggregation is enabled, then ListFindingAggregators returns the ARN of the finding
* aggregator. You can run this operation from any Region.
*
*
* @param listFindingAggregatorsRequest
* @return Result of the ListFindingAggregators operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws AccessDeniedException
* You don't have permission to perform the action specified in the request.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @sample AWSSecurityHub.ListFindingAggregators
* @see AWS API Documentation
*/
@Override
public ListFindingAggregatorsResult listFindingAggregators(ListFindingAggregatorsRequest request) {
request = beforeClientExecution(request);
return executeListFindingAggregators(request);
}
@SdkInternalApi
final ListFindingAggregatorsResult executeListFindingAggregators(ListFindingAggregatorsRequest listFindingAggregatorsRequest) {
ExecutionContext executionContext = createExecutionContext(listFindingAggregatorsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListFindingAggregatorsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listFindingAggregatorsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListFindingAggregators");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ListFindingAggregatorsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists all Security Hub membership invitations that were sent to the current Amazon Web Services account.
*
*
* This operation is only used by accounts that are managed by invitation. Accounts that are managed using the
* integration with Organizations do not receive invitations.
*
*
* @param listInvitationsRequest
* @return Result of the ListInvitations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.ListInvitations
* @see AWS
* API Documentation
*/
@Override
public ListInvitationsResult listInvitations(ListInvitationsRequest request) {
request = beforeClientExecution(request);
return executeListInvitations(request);
}
@SdkInternalApi
final ListInvitationsResult executeListInvitations(ListInvitationsRequest listInvitationsRequest) {
ExecutionContext executionContext = createExecutionContext(listInvitationsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListInvitationsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listInvitationsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListInvitations");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListInvitationsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists details about all member accounts for the current Security Hub administrator account.
*
*
* The results include both member accounts that belong to an organization and member accounts that were invited
* manually.
*
*
* @param listMembersRequest
* @return Result of the ListMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.ListMembers
* @see AWS API
* Documentation
*/
@Override
public ListMembersResult listMembers(ListMembersRequest request) {
request = beforeClientExecution(request);
return executeListMembers(request);
}
@SdkInternalApi
final ListMembersResult executeListMembers(ListMembersRequest listMembersRequest) {
ExecutionContext executionContext = createExecutionContext(listMembersRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listMembersRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListMembers");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListMembersResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists the Security Hub administrator accounts. Can only be called by the organization management account.
*
*
* @param listOrganizationAdminAccountsRequest
* @return Result of the ListOrganizationAdminAccounts operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.ListOrganizationAdminAccounts
* @see AWS API Documentation
*/
@Override
public ListOrganizationAdminAccountsResult listOrganizationAdminAccounts(ListOrganizationAdminAccountsRequest request) {
request = beforeClientExecution(request);
return executeListOrganizationAdminAccounts(request);
}
@SdkInternalApi
final ListOrganizationAdminAccountsResult executeListOrganizationAdminAccounts(ListOrganizationAdminAccountsRequest listOrganizationAdminAccountsRequest) {
ExecutionContext executionContext = createExecutionContext(listOrganizationAdminAccountsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListOrganizationAdminAccountsRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(listOrganizationAdminAccountsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListOrganizationAdminAccounts");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ListOrganizationAdminAccountsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists all of the security controls that apply to a specified standard.
*
*
* @param listSecurityControlDefinitionsRequest
* @return Result of the ListSecurityControlDefinitions operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.ListSecurityControlDefinitions
* @see AWS API Documentation
*/
@Override
public ListSecurityControlDefinitionsResult listSecurityControlDefinitions(ListSecurityControlDefinitionsRequest request) {
request = beforeClientExecution(request);
return executeListSecurityControlDefinitions(request);
}
@SdkInternalApi
final ListSecurityControlDefinitionsResult executeListSecurityControlDefinitions(ListSecurityControlDefinitionsRequest listSecurityControlDefinitionsRequest) {
ExecutionContext executionContext = createExecutionContext(listSecurityControlDefinitionsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListSecurityControlDefinitionsRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(listSecurityControlDefinitionsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListSecurityControlDefinitions");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ListSecurityControlDefinitionsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Specifies whether a control is currently enabled or disabled in each enabled standard in the calling account.
*
*
* @param listStandardsControlAssociationsRequest
* @return Result of the ListStandardsControlAssociations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @sample AWSSecurityHub.ListStandardsControlAssociations
* @see AWS API Documentation
*/
@Override
public ListStandardsControlAssociationsResult listStandardsControlAssociations(ListStandardsControlAssociationsRequest request) {
request = beforeClientExecution(request);
return executeListStandardsControlAssociations(request);
}
@SdkInternalApi
final ListStandardsControlAssociationsResult executeListStandardsControlAssociations(
ListStandardsControlAssociationsRequest listStandardsControlAssociationsRequest) {
ExecutionContext executionContext = createExecutionContext(listStandardsControlAssociationsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListStandardsControlAssociationsRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(listStandardsControlAssociationsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListStandardsControlAssociations");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ListStandardsControlAssociationsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns a list of tags associated with a resource.
*
*
* @param listTagsForResourceRequest
* @return Result of the ListTagsForResource operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.ListTagsForResource
* @see AWS API Documentation
*/
@Override
public ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest request) {
request = beforeClientExecution(request);
return executeListTagsForResource(request);
}
@SdkInternalApi
final ListTagsForResourceResult executeListTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest) {
ExecutionContext executionContext = createExecutionContext(listTagsForResourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListTagsForResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listTagsForResourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListTagsForResource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListTagsForResourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Adds one or more tags to a resource.
*
*
* @param tagResourceRequest
* @return Result of the TagResource operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.TagResource
* @see AWS API
* Documentation
*/
@Override
public TagResourceResult tagResource(TagResourceRequest request) {
request = beforeClientExecution(request);
return executeTagResource(request);
}
@SdkInternalApi
final TagResourceResult executeTagResource(TagResourceRequest tagResourceRequest) {
ExecutionContext executionContext = createExecutionContext(tagResourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new TagResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(tagResourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "TagResource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new TagResourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Removes one or more tags from a resource.
*
*
* @param untagResourceRequest
* @return Result of the UntagResource operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UntagResource
* @see AWS API
* Documentation
*/
@Override
public UntagResourceResult untagResource(UntagResourceRequest request) {
request = beforeClientExecution(request);
return executeUntagResource(request);
}
@SdkInternalApi
final UntagResourceResult executeUntagResource(UntagResourceRequest untagResourceRequest) {
ExecutionContext executionContext = createExecutionContext(untagResourceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UntagResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(untagResourceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UntagResource");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UntagResourceResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Updates the name and description of a custom action target in Security Hub.
*
*
* @param updateActionTargetRequest
* @return Result of the UpdateActionTarget operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateActionTarget
* @see AWS
* API Documentation
*/
@Override
public UpdateActionTargetResult updateActionTarget(UpdateActionTargetRequest request) {
request = beforeClientExecution(request);
return executeUpdateActionTarget(request);
}
@SdkInternalApi
final UpdateActionTargetResult executeUpdateActionTarget(UpdateActionTargetRequest updateActionTargetRequest) {
ExecutionContext executionContext = createExecutionContext(updateActionTargetRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateActionTargetRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateActionTargetRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateActionTarget");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateActionTargetResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Updates the finding aggregation configuration. Used to update the Region linking mode and the list of included or
* excluded Regions. You cannot use UpdateFindingAggregator to change the aggregation Region.
*
*
* You must run UpdateFindingAggregator from the current aggregation Region.
*
*
* @param updateFindingAggregatorRequest
* @return Result of the UpdateFindingAggregator operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws AccessDeniedException
* You don't have permission to perform the action specified in the request.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateFindingAggregator
* @see AWS API Documentation
*/
@Override
public UpdateFindingAggregatorResult updateFindingAggregator(UpdateFindingAggregatorRequest request) {
request = beforeClientExecution(request);
return executeUpdateFindingAggregator(request);
}
@SdkInternalApi
final UpdateFindingAggregatorResult executeUpdateFindingAggregator(UpdateFindingAggregatorRequest updateFindingAggregatorRequest) {
ExecutionContext executionContext = createExecutionContext(updateFindingAggregatorRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateFindingAggregatorRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(updateFindingAggregatorRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateFindingAggregator");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new UpdateFindingAggregatorResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* UpdateFindings is deprecated. Instead of UpdateFindings, use
* BatchUpdateFindings.
*
*
* Updates the Note and RecordState of the Security Hub-aggregated findings that the
* filter attributes specify. Any member account that can view the finding also sees the update to the finding.
*
*
* @param updateFindingsRequest
* @return Result of the UpdateFindings operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateFindings
* @see AWS API
* Documentation
*/
@Override
public UpdateFindingsResult updateFindings(UpdateFindingsRequest request) {
request = beforeClientExecution(request);
return executeUpdateFindings(request);
}
@SdkInternalApi
final UpdateFindingsResult executeUpdateFindings(UpdateFindingsRequest updateFindingsRequest) {
ExecutionContext executionContext = createExecutionContext(updateFindingsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateFindingsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateFindingsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateFindings");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateFindingsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Updates the Security Hub insight identified by the specified insight ARN.
*
*
* @param updateInsightRequest
* @return Result of the UpdateInsight operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateInsight
* @see AWS API
* Documentation
*/
@Override
public UpdateInsightResult updateInsight(UpdateInsightRequest request) {
request = beforeClientExecution(request);
return executeUpdateInsight(request);
}
@SdkInternalApi
final UpdateInsightResult executeUpdateInsight(UpdateInsightRequest updateInsightRequest) {
ExecutionContext executionContext = createExecutionContext(updateInsightRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateInsightRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateInsightRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateInsight");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateInsightResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Used to update the configuration related to Organizations. Can only be called from a Security Hub administrator
* account.
*
*
* @param updateOrganizationConfigurationRequest
* @return Result of the UpdateOrganizationConfiguration operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.UpdateOrganizationConfiguration
* @see AWS API Documentation
*/
@Override
public UpdateOrganizationConfigurationResult updateOrganizationConfiguration(UpdateOrganizationConfigurationRequest request) {
request = beforeClientExecution(request);
return executeUpdateOrganizationConfiguration(request);
}
@SdkInternalApi
final UpdateOrganizationConfigurationResult executeUpdateOrganizationConfiguration(
UpdateOrganizationConfigurationRequest updateOrganizationConfigurationRequest) {
ExecutionContext executionContext = createExecutionContext(updateOrganizationConfigurationRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateOrganizationConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(updateOrganizationConfigurationRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateOrganizationConfiguration");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new UpdateOrganizationConfigurationResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Updates configuration options for Security Hub.
*
*
* @param updateSecurityHubConfigurationRequest
* @return Result of the UpdateSecurityHubConfiguration operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateSecurityHubConfiguration
* @see AWS API Documentation
*/
@Override
public UpdateSecurityHubConfigurationResult updateSecurityHubConfiguration(UpdateSecurityHubConfigurationRequest request) {
request = beforeClientExecution(request);
return executeUpdateSecurityHubConfiguration(request);
}
@SdkInternalApi
final UpdateSecurityHubConfigurationResult executeUpdateSecurityHubConfiguration(UpdateSecurityHubConfigurationRequest updateSecurityHubConfigurationRequest) {
ExecutionContext executionContext = createExecutionContext(updateSecurityHubConfigurationRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateSecurityHubConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(updateSecurityHubConfigurationRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateSecurityHubConfiguration");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new UpdateSecurityHubConfigurationResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Used to control whether an individual security standard control is enabled or disabled.
*
*
* @param updateStandardsControlRequest
* @return Result of the UpdateStandardsControl operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* The account doesn't have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateStandardsControl
* @see AWS API Documentation
*/
@Override
public UpdateStandardsControlResult updateStandardsControl(UpdateStandardsControlRequest request) {
request = beforeClientExecution(request);
return executeUpdateStandardsControl(request);
}
@SdkInternalApi
final UpdateStandardsControlResult executeUpdateStandardsControl(UpdateStandardsControlRequest updateStandardsControlRequest) {
ExecutionContext executionContext = createExecutionContext(updateStandardsControlRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateStandardsControlRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateStandardsControlRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateStandardsControl");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new UpdateStandardsControlResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
* Returns additional metadata for a previously executed successful, request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing the request.
*
* @param request
* The originally executed request
*
* @return The response metadata for the specified request, or null if none is available.
*/
public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request) {
return client.getResponseMetadataForRequest(request);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext) {
return invoke(request, responseHandler, executionContext, null, null);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext, URI cachedEndpoint, URI uriFromEndpointTrait) {
executionContext.setCredentialsProvider(CredentialUtils.getCredentialsProvider(request.getOriginalRequest(), awsCredentialsProvider));
return doInvoke(request, responseHandler, executionContext, cachedEndpoint, uriFromEndpointTrait);
}
/**
* Invoke with no authentication. Credentials are not required and any credentials set on the client or request will
* be ignored for this operation.
**/
private Response anonymousInvoke(Request request,
HttpResponseHandler> responseHandler, ExecutionContext executionContext) {
return doInvoke(request, responseHandler, executionContext, null, null);
}
/**
* Invoke the request using the http client. Assumes credentials (or lack thereof) have been configured in the
* ExecutionContext beforehand.
**/
private Response doInvoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext, URI discoveredEndpoint, URI uriFromEndpointTrait) {
if (discoveredEndpoint != null) {
request.setEndpoint(discoveredEndpoint);
request.getOriginalRequest().getRequestClientOptions().appendUserAgent("endpoint-discovery");
} else if (uriFromEndpointTrait != null) {
request.setEndpoint(uriFromEndpointTrait);
} else {
request.setEndpoint(endpoint);
}
request.setTimeOffset(timeOffset);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(new JsonErrorResponseMetadata());
return client.execute(request, responseHandler, errorResponseHandler, executionContext);
}
@com.amazonaws.annotation.SdkInternalApi
static com.amazonaws.protocol.json.SdkJsonProtocolFactory getProtocolFactory() {
return protocolFactory;
}
@Override
public void shutdown() {
super.shutdown();
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy