All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.amazonaws.services.securityhub.AWSSecurityHubClient Maven / Gradle / Ivy

/*
 * Copyright 2016-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */
package com.amazonaws.services.securityhub;

import org.w3c.dom.*;

import java.net.*;
import java.util.*;

import javax.annotation.Generated;

import org.apache.commons.logging.*;

import com.amazonaws.*;
import com.amazonaws.annotation.SdkInternalApi;
import com.amazonaws.auth.*;

import com.amazonaws.handlers.*;
import com.amazonaws.http.*;
import com.amazonaws.internal.*;
import com.amazonaws.internal.auth.*;
import com.amazonaws.metrics.*;
import com.amazonaws.regions.*;
import com.amazonaws.transform.*;
import com.amazonaws.util.*;
import com.amazonaws.protocol.json.*;
import com.amazonaws.util.AWSRequestMetrics.Field;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.client.AwsSyncClientParams;
import com.amazonaws.client.builder.AdvancedConfig;

import com.amazonaws.services.securityhub.AWSSecurityHubClientBuilder;

import com.amazonaws.AmazonServiceException;

import com.amazonaws.services.securityhub.model.*;
import com.amazonaws.services.securityhub.model.transform.*;

/**
 * Client for accessing AWS SecurityHub. All service calls made using this client are blocking, and will not return
 * until the service call completes.
 * 

*

* Security Hub provides you with a comprehensive view of the security state of your Amazon Web Services environment and * resources. It also provides you with the readiness status of your environment based on controls from supported * security standards. Security Hub collects security data from Amazon Web Services accounts, services, and integrated * third-party products and helps you analyze security trends in your environment to identify the highest priority * security issues. For more information about Security Hub, see the Security HubUser Guide . *

*

* When you use operations in the Security Hub API, the requests are executed only in the Amazon Web Services Region * that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any * configuration or settings change that results from the operation is applied only to that Region. To make the same * change in other Regions, execute the same command for each Region to apply the change to. *

*

* For example, if your Region is set to us-west-2, when you use CreateMembers to add a member * account to Security Hub, the association of the member account with the administrator account is created only in the * us-west-2 Region. Security Hub must be enabled for the member account in the same Region that the * invitation was sent from. *

*

* The following throttling limits apply to using Security Hub API operations. *

*
    *
  • *

    * BatchEnableStandards - RateLimit of 1 request per second, BurstLimit of 1 * request per second. *

    *
  • *
  • *

    * GetFindings - RateLimit of 3 requests per second. BurstLimit of 6 requests per * second. *

    *
  • *
  • *

    * UpdateFindings - RateLimit of 1 request per second. BurstLimit of 5 requests * per second. *

    *
  • *
  • *

    * UpdateStandardsControl - RateLimit of 1 request per second, BurstLimit of 5 * requests per second. *

    *
  • *
  • *

    * All other operations - RateLimit of 10 requests per second. BurstLimit of 30 requests per * second. *

    *
  • *
*/ @ThreadSafe @Generated("com.amazonaws:aws-java-sdk-code-generator") public class AWSSecurityHubClient extends AmazonWebServiceClient implements AWSSecurityHub { /** Provider for AWS credentials. */ private final AWSCredentialsProvider awsCredentialsProvider; private static final Log log = LogFactory.getLog(AWSSecurityHub.class); /** Default signing name for the service. */ private static final String DEFAULT_SIGNING_NAME = "securityhub"; /** Client configuration factory providing ClientConfigurations tailored to this client */ protected static final ClientConfigurationFactory configFactory = new ClientConfigurationFactory(); private final AdvancedConfig advancedConfig; private static final com.amazonaws.protocol.json.SdkJsonProtocolFactory protocolFactory = new com.amazonaws.protocol.json.SdkJsonProtocolFactory( new JsonClientMetadata() .withProtocolVersion("1.1") .withSupportsCbor(false) .withSupportsIon(false) .withContentTypeOverride("") .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("LimitExceededException").withExceptionUnmarshaller( com.amazonaws.services.securityhub.model.transform.LimitExceededExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("InvalidInputException").withExceptionUnmarshaller( com.amazonaws.services.securityhub.model.transform.InvalidInputExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("InvalidAccessException").withExceptionUnmarshaller( com.amazonaws.services.securityhub.model.transform.InvalidAccessExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("ResourceNotFoundException").withExceptionUnmarshaller( com.amazonaws.services.securityhub.model.transform.ResourceNotFoundExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("ResourceConflictException").withExceptionUnmarshaller( com.amazonaws.services.securityhub.model.transform.ResourceConflictExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("InternalException").withExceptionUnmarshaller( com.amazonaws.services.securityhub.model.transform.InternalExceptionUnmarshaller.getInstance())) .addErrorMetadata( new JsonErrorShapeMetadata().withErrorCode("AccessDeniedException").withExceptionUnmarshaller( com.amazonaws.services.securityhub.model.transform.AccessDeniedExceptionUnmarshaller.getInstance())) .withBaseServiceExceptionClass(com.amazonaws.services.securityhub.model.AWSSecurityHubException.class)); public static AWSSecurityHubClientBuilder builder() { return AWSSecurityHubClientBuilder.standard(); } /** * Constructs a new client to invoke service methods on AWS SecurityHub using the specified parameters. * *

* All service calls made using this new client object are blocking, and will not return until the service call * completes. * * @param clientParams * Object providing client parameters. */ AWSSecurityHubClient(AwsSyncClientParams clientParams) { this(clientParams, false); } /** * Constructs a new client to invoke service methods on AWS SecurityHub using the specified parameters. * *

* All service calls made using this new client object are blocking, and will not return until the service call * completes. * * @param clientParams * Object providing client parameters. */ AWSSecurityHubClient(AwsSyncClientParams clientParams, boolean endpointDiscoveryEnabled) { super(clientParams); this.awsCredentialsProvider = clientParams.getCredentialsProvider(); this.advancedConfig = clientParams.getAdvancedConfig(); init(); } private void init() { setServiceNameIntern(DEFAULT_SIGNING_NAME); setEndpointPrefix(ENDPOINT_PREFIX); // calling this.setEndPoint(...) will also modify the signer accordingly setEndpoint("securityhub.us-east-1.amazonaws.com"); HandlerChainFactory chainFactory = new HandlerChainFactory(); requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com/amazonaws/services/securityhub/request.handlers")); requestHandler2s.addAll(chainFactory.newRequestHandler2Chain("/com/amazonaws/services/securityhub/request.handler2s")); requestHandler2s.addAll(chainFactory.getGlobalHandlers()); } /** *

* Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the * invitation was sent from. *

*

* This operation is only used by member accounts that are not added through Organizations. *

*

* When the member account accepts the invitation, permission is granted to the administrator account to view * findings generated in the member account. *

* * @param acceptAdministratorInvitationRequest * @return Result of the AcceptAdministratorInvitation operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @sample AWSSecurityHub.AcceptAdministratorInvitation * @see AWS API Documentation */ @Override public AcceptAdministratorInvitationResult acceptAdministratorInvitation(AcceptAdministratorInvitationRequest request) { request = beforeClientExecution(request); return executeAcceptAdministratorInvitation(request); } @SdkInternalApi final AcceptAdministratorInvitationResult executeAcceptAdministratorInvitation(AcceptAdministratorInvitationRequest acceptAdministratorInvitationRequest) { ExecutionContext executionContext = createExecutionContext(acceptAdministratorInvitationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new AcceptAdministratorInvitationRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(acceptAdministratorInvitationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "AcceptAdministratorInvitation"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new AcceptAdministratorInvitationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* This method is deprecated. Instead, use AcceptAdministratorInvitation. *

*

* The Security Hub console continues to use AcceptInvitation. It will eventually change to use * AcceptAdministratorInvitation. Any IAM policies that specifically control access to this function * must continue to use AcceptInvitation. You should also add * AcceptAdministratorInvitation to your policies to ensure that the correct permissions are in place * after the console begins to use AcceptAdministratorInvitation. *

*

* Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the * invitation was sent from. *

*

* This operation is only used by member accounts that are not added through Organizations. *

*

* When the member account accepts the invitation, permission is granted to the administrator account to view * findings generated in the member account. *

* * @param acceptInvitationRequest * @return Result of the AcceptInvitation operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @sample AWSSecurityHub.AcceptInvitation * @see AWS * API Documentation */ @Override @Deprecated public AcceptInvitationResult acceptInvitation(AcceptInvitationRequest request) { request = beforeClientExecution(request); return executeAcceptInvitation(request); } @SdkInternalApi final AcceptInvitationResult executeAcceptInvitation(AcceptInvitationRequest acceptInvitationRequest) { ExecutionContext executionContext = createExecutionContext(acceptInvitationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new AcceptInvitationRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(acceptInvitationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "AcceptInvitation"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new AcceptInvitationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Disables the standards specified by the provided StandardsSubscriptionArns. *

*

* For more information, see Security Standards * section of the Security Hub User Guide. *

* * @param batchDisableStandardsRequest * @return Result of the BatchDisableStandards operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.BatchDisableStandards * @see AWS API Documentation */ @Override public BatchDisableStandardsResult batchDisableStandards(BatchDisableStandardsRequest request) { request = beforeClientExecution(request); return executeBatchDisableStandards(request); } @SdkInternalApi final BatchDisableStandardsResult executeBatchDisableStandards(BatchDisableStandardsRequest batchDisableStandardsRequest) { ExecutionContext executionContext = createExecutionContext(batchDisableStandardsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new BatchDisableStandardsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(batchDisableStandardsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchDisableStandards"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory .createResponseHandler(new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchDisableStandardsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Enables the standards specified by the provided StandardsArn. To obtain the ARN for a standard, use * the DescribeStandards operation. *

*

* For more information, see the Security Standards * section of the Security Hub User Guide. *

* * @param batchEnableStandardsRequest * @return Result of the BatchEnableStandards operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.BatchEnableStandards * @see AWS API Documentation */ @Override public BatchEnableStandardsResult batchEnableStandards(BatchEnableStandardsRequest request) { request = beforeClientExecution(request); return executeBatchEnableStandards(request); } @SdkInternalApi final BatchEnableStandardsResult executeBatchEnableStandards(BatchEnableStandardsRequest batchEnableStandardsRequest) { ExecutionContext executionContext = createExecutionContext(batchEnableStandardsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new BatchEnableStandardsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(batchEnableStandardsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchEnableStandards"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchEnableStandardsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Imports security findings generated from an integrated product into Security Hub. This action is requested by the * integrated product to import its findings into Security Hub. *

*

* The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb. *

*

* After a finding is created, BatchImportFindings cannot be used to update the following finding * fields and objects, which Security Hub customers use to manage their investigation workflow. *

*
    *
  • *

    * Note *

    *
  • *
  • *

    * UserDefinedFields *

    *
  • *
  • *

    * VerificationState *

    *
  • *
  • *

    * Workflow *

    *
  • *
*

* Finding providers also should not use BatchImportFindings to update the following attributes. *

*
    *
  • *

    * Confidence *

    *
  • *
  • *

    * Criticality *

    *
  • *
  • *

    * RelatedFindings *

    *
  • *
  • *

    * Severity *

    *
  • *
  • *

    * Types *

    *
  • *
*

* Instead, finding providers use FindingProviderFields to provide values for these attributes. *

* * @param batchImportFindingsRequest * @return Result of the BatchImportFindings operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @sample AWSSecurityHub.BatchImportFindings * @see AWS API Documentation */ @Override public BatchImportFindingsResult batchImportFindings(BatchImportFindingsRequest request) { request = beforeClientExecution(request); return executeBatchImportFindings(request); } @SdkInternalApi final BatchImportFindingsResult executeBatchImportFindings(BatchImportFindingsRequest batchImportFindingsRequest) { ExecutionContext executionContext = createExecutionContext(batchImportFindingsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new BatchImportFindingsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(batchImportFindingsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchImportFindings"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchImportFindingsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Used by Security Hub customers to update information about their investigation into a finding. Requested by * administrator accounts or member accounts. Administrator accounts can update findings for their account and their * member accounts. Member accounts can update findings for their account. *

*

* Updates from BatchUpdateFindings do not affect the value of UpdatedAt for a finding. *

*

* Administrator and member accounts can use BatchUpdateFindings to update the following finding fields * and objects. *

*
    *
  • *

    * Confidence *

    *
  • *
  • *

    * Criticality *

    *
  • *
  • *

    * Note *

    *
  • *
  • *

    * RelatedFindings *

    *
  • *
  • *

    * Severity *

    *
  • *
  • *

    * Types *

    *
  • *
  • *

    * UserDefinedFields *

    *
  • *
  • *

    * VerificationState *

    *
  • *
  • *

    * Workflow *

    *
  • *
*

* You can configure IAM policies to restrict access to fields and field values. For example, you might not want * member accounts to be able to suppress findings or change the finding severity. See Configuring access to BatchUpdateFindings in the Security Hub User Guide. *

* * @param batchUpdateFindingsRequest * @return Result of the BatchUpdateFindings operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @sample AWSSecurityHub.BatchUpdateFindings * @see AWS API Documentation */ @Override public BatchUpdateFindingsResult batchUpdateFindings(BatchUpdateFindingsRequest request) { request = beforeClientExecution(request); return executeBatchUpdateFindings(request); } @SdkInternalApi final BatchUpdateFindingsResult executeBatchUpdateFindings(BatchUpdateFindingsRequest batchUpdateFindingsRequest) { ExecutionContext executionContext = createExecutionContext(batchUpdateFindingsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new BatchUpdateFindingsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(batchUpdateFindingsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "BatchUpdateFindings"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new BatchUpdateFindingsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Creates a custom action target in Security Hub. *

*

* You can use custom actions on findings and insights in Security Hub to trigger target actions in Amazon * CloudWatch Events. *

* * @param createActionTargetRequest * @return Result of the CreateActionTarget operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceConflictException * The resource specified in the request conflicts with an existing resource. * @sample AWSSecurityHub.CreateActionTarget * @see AWS * API Documentation */ @Override public CreateActionTargetResult createActionTarget(CreateActionTargetRequest request) { request = beforeClientExecution(request); return executeCreateActionTarget(request); } @SdkInternalApi final CreateActionTargetResult executeCreateActionTarget(CreateActionTargetRequest createActionTargetRequest) { ExecutionContext executionContext = createExecutionContext(createActionTargetRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new CreateActionTargetRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createActionTargetRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateActionTarget"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateActionTargetResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security * issue that requires attention or remediation. *

*

* To group the related findings in the insight, use the GroupByAttribute. *

* * @param createInsightRequest * @return Result of the CreateInsight operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceConflictException * The resource specified in the request conflicts with an existing resource. * @sample AWSSecurityHub.CreateInsight * @see AWS API * Documentation */ @Override public CreateInsightResult createInsight(CreateInsightRequest request) { request = beforeClientExecution(request); return executeCreateInsight(request); } @SdkInternalApi final CreateInsightResult executeCreateInsight(CreateInsightRequest createInsightRequest) { ExecutionContext executionContext = createExecutionContext(createInsightRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new CreateInsightRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createInsightRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateInsight"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateInsightResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Creates a member association in Security Hub between the specified accounts and the account used to make the * request, which is the administrator account. If you are integrated with Organizations, then the administrator * account is designated by the organization management account. *

*

* CreateMembers is always used to add accounts that are not organization members. *

*

* For accounts that are managed using Organizations, CreateMembers is only used in the following * cases: *

*
    *
  • *

    * Security Hub is not configured to automatically add new organization accounts. *

    *
  • *
  • *

    * The account was disassociated or deleted in Security Hub. *

    *
  • *
*

* This action can only be used by an account that has Security Hub enabled. To enable Security Hub, you can use the * EnableSecurityHub operation. *

*

* For accounts that are not organization members, you create the account association and then send an invitation to * the member account. To send the invitation, you use the InviteMembers operation. If the account * owner accepts the invitation, the account becomes a member account in Security Hub. *

*

* Accounts that are managed using Organizations do not receive an invitation. They automatically become a member * account in Security Hub, and Security Hub is automatically enabled for those accounts. Note that Security Hub * cannot be enabled automatically for the organization management account. The organization management account must * enable Security Hub before the administrator account enables it as a member account. *

*

* A permissions policy is added that permits the administrator account to view the findings generated in the member * account. When Security Hub is enabled in a member account, the member account findings are also visible to the * administrator account. *

*

* To remove the association between the administrator and member accounts, use the * DisassociateFromMasterAccount or DisassociateMembers operation. *

* * @param createMembersRequest * @return Result of the CreateMembers operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceConflictException * The resource specified in the request conflicts with an existing resource. * @sample AWSSecurityHub.CreateMembers * @see AWS API * Documentation */ @Override public CreateMembersResult createMembers(CreateMembersRequest request) { request = beforeClientExecution(request); return executeCreateMembers(request); } @SdkInternalApi final CreateMembersResult executeCreateMembers(CreateMembersRequest createMembersRequest) { ExecutionContext executionContext = createExecutionContext(createMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new CreateMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(createMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "CreateMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new CreateMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Declines invitations to become a member account. *

*

* This operation is only used by accounts that are not part of an organization. Organization accounts do not * receive invitations. *

* * @param declineInvitationsRequest * @return Result of the DeclineInvitations operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DeclineInvitations * @see AWS * API Documentation */ @Override public DeclineInvitationsResult declineInvitations(DeclineInvitationsRequest request) { request = beforeClientExecution(request); return executeDeclineInvitations(request); } @SdkInternalApi final DeclineInvitationsResult executeDeclineInvitations(DeclineInvitationsRequest declineInvitationsRequest) { ExecutionContext executionContext = createExecutionContext(declineInvitationsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DeclineInvitationsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(declineInvitationsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeclineInvitations"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeclineInvitationsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Deletes a custom action target from Security Hub. *

*

* Deleting a custom action target does not affect any findings or insights that were already sent to Amazon * CloudWatch Events using the custom action. *

* * @param deleteActionTargetRequest * @return Result of the DeleteActionTarget operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DeleteActionTarget * @see AWS * API Documentation */ @Override public DeleteActionTargetResult deleteActionTarget(DeleteActionTargetRequest request) { request = beforeClientExecution(request); return executeDeleteActionTarget(request); } @SdkInternalApi final DeleteActionTargetResult executeDeleteActionTarget(DeleteActionTargetRequest deleteActionTargetRequest) { ExecutionContext executionContext = createExecutionContext(deleteActionTargetRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DeleteActionTargetRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteActionTargetRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteActionTarget"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteActionTargetResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Deletes the insight specified by the InsightArn. *

* * @param deleteInsightRequest * @return Result of the DeleteInsight operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DeleteInsight * @see AWS API * Documentation */ @Override public DeleteInsightResult deleteInsight(DeleteInsightRequest request) { request = beforeClientExecution(request); return executeDeleteInsight(request); } @SdkInternalApi final DeleteInsightResult executeDeleteInsight(DeleteInsightRequest deleteInsightRequest) { ExecutionContext executionContext = createExecutionContext(deleteInsightRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DeleteInsightRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteInsightRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteInsight"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteInsightResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Deletes invitations received by the Amazon Web Services account to become a member account. *

*

* This operation is only used by accounts that are not part of an organization. Organization accounts do not * receive invitations. *

* * @param deleteInvitationsRequest * @return Result of the DeleteInvitations operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @sample AWSSecurityHub.DeleteInvitations * @see AWS * API Documentation */ @Override public DeleteInvitationsResult deleteInvitations(DeleteInvitationsRequest request) { request = beforeClientExecution(request); return executeDeleteInvitations(request); } @SdkInternalApi final DeleteInvitationsResult executeDeleteInvitations(DeleteInvitationsRequest deleteInvitationsRequest) { ExecutionContext executionContext = createExecutionContext(deleteInvitationsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DeleteInvitationsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteInvitationsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteInvitations"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteInvitationsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Deletes the specified member accounts from Security Hub. *

*

* Can be used to delete member accounts that belong to an organization as well as member accounts that were invited * manually. *

* * @param deleteMembersRequest * @return Result of the DeleteMembers operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DeleteMembers * @see AWS API * Documentation */ @Override public DeleteMembersResult deleteMembers(DeleteMembersRequest request) { request = beforeClientExecution(request); return executeDeleteMembers(request); } @SdkInternalApi final DeleteMembersResult executeDeleteMembers(DeleteMembersRequest deleteMembersRequest) { ExecutionContext executionContext = createExecutionContext(deleteMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DeleteMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns a list of the custom action targets in Security Hub in your account. *

* * @param describeActionTargetsRequest * @return Result of the DescribeActionTargets operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DescribeActionTargets * @see AWS API Documentation */ @Override public DescribeActionTargetsResult describeActionTargets(DescribeActionTargetsRequest request) { request = beforeClientExecution(request); return executeDescribeActionTargets(request); } @SdkInternalApi final DescribeActionTargetsResult executeDescribeActionTargets(DescribeActionTargetsRequest describeActionTargetsRequest) { ExecutionContext executionContext = createExecutionContext(describeActionTargetsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DescribeActionTargetsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeActionTargetsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeActionTargets"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory .createResponseHandler(new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeActionTargetsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns details about the Hub resource in your account, including the HubArn and the time when you * enabled Security Hub. *

* * @param describeHubRequest * @return Result of the DescribeHub operation returned by the service. * @throws InternalException * Internal server error. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DescribeHub * @see AWS API * Documentation */ @Override public DescribeHubResult describeHub(DescribeHubRequest request) { request = beforeClientExecution(request); return executeDescribeHub(request); } @SdkInternalApi final DescribeHubResult executeDescribeHub(DescribeHubRequest describeHubRequest) { ExecutionContext executionContext = createExecutionContext(describeHubRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DescribeHubRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeHubRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeHub"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeHubResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns information about the Organizations configuration for Security Hub. Can only be called from a Security * Hub administrator account. *

* * @param describeOrganizationConfigurationRequest * @return Result of the DescribeOrganizationConfiguration operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.DescribeOrganizationConfiguration * @see AWS API Documentation */ @Override public DescribeOrganizationConfigurationResult describeOrganizationConfiguration(DescribeOrganizationConfigurationRequest request) { request = beforeClientExecution(request); return executeDescribeOrganizationConfiguration(request); } @SdkInternalApi final DescribeOrganizationConfigurationResult executeDescribeOrganizationConfiguration( DescribeOrganizationConfigurationRequest describeOrganizationConfigurationRequest) { ExecutionContext executionContext = createExecutionContext(describeOrganizationConfigurationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DescribeOrganizationConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(describeOrganizationConfigurationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeOrganizationConfiguration"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeOrganizationConfigurationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns information about product integrations in Security Hub. *

*

* You can optionally provide an integration ARN. If you provide an integration ARN, then the results only include * that integration. *

*

* If you do not provide an integration ARN, then the results include all of the available product integrations. *

* * @param describeProductsRequest * @return Result of the DescribeProducts operation returned by the service. * @throws InternalException * Internal server error. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @sample AWSSecurityHub.DescribeProducts * @see AWS * API Documentation */ @Override public DescribeProductsResult describeProducts(DescribeProductsRequest request) { request = beforeClientExecution(request); return executeDescribeProducts(request); } @SdkInternalApi final DescribeProductsResult executeDescribeProducts(DescribeProductsRequest describeProductsRequest) { ExecutionContext executionContext = createExecutionContext(describeProductsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DescribeProductsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeProductsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeProducts"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeProductsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns a list of the available standards in Security Hub. *

*

* For each standard, the results include the standard ARN, the name, and a description. *

* * @param describeStandardsRequest * @return Result of the DescribeStandards operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @sample AWSSecurityHub.DescribeStandards * @see AWS * API Documentation */ @Override public DescribeStandardsResult describeStandards(DescribeStandardsRequest request) { request = beforeClientExecution(request); return executeDescribeStandards(request); } @SdkInternalApi final DescribeStandardsResult executeDescribeStandards(DescribeStandardsRequest describeStandardsRequest) { ExecutionContext executionContext = createExecutionContext(describeStandardsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DescribeStandardsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeStandardsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeStandards"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeStandardsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns a list of security standards controls. *

*

* For each control, the results include information about whether it is currently enabled, the severity, and a link * to remediation information. *

* * @param describeStandardsControlsRequest * @return Result of the DescribeStandardsControls operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DescribeStandardsControls * @see AWS API Documentation */ @Override public DescribeStandardsControlsResult describeStandardsControls(DescribeStandardsControlsRequest request) { request = beforeClientExecution(request); return executeDescribeStandardsControls(request); } @SdkInternalApi final DescribeStandardsControlsResult executeDescribeStandardsControls(DescribeStandardsControlsRequest describeStandardsControlsRequest) { ExecutionContext executionContext = createExecutionContext(describeStandardsControlsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DescribeStandardsControlsRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(describeStandardsControlsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeStandardsControls"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeStandardsControlsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Disables the integration of the specified product with Security Hub. After the integration is disabled, findings * from that product are no longer sent to Security Hub. *

* * @param disableImportFindingsForProductRequest * @return Result of the DisableImportFindingsForProduct operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.DisableImportFindingsForProduct * @see AWS API Documentation */ @Override public DisableImportFindingsForProductResult disableImportFindingsForProduct(DisableImportFindingsForProductRequest request) { request = beforeClientExecution(request); return executeDisableImportFindingsForProduct(request); } @SdkInternalApi final DisableImportFindingsForProductResult executeDisableImportFindingsForProduct( DisableImportFindingsForProductRequest disableImportFindingsForProductRequest) { ExecutionContext executionContext = createExecutionContext(disableImportFindingsForProductRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DisableImportFindingsForProductRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(disableImportFindingsForProductRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisableImportFindingsForProduct"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisableImportFindingsForProductResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Disables a Security Hub administrator account. Can only be called by the organization management account. *

* * @param disableOrganizationAdminAccountRequest * @return Result of the DisableOrganizationAdminAccount operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.DisableOrganizationAdminAccount * @see AWS API Documentation */ @Override public DisableOrganizationAdminAccountResult disableOrganizationAdminAccount(DisableOrganizationAdminAccountRequest request) { request = beforeClientExecution(request); return executeDisableOrganizationAdminAccount(request); } @SdkInternalApi final DisableOrganizationAdminAccountResult executeDisableOrganizationAdminAccount( DisableOrganizationAdminAccountRequest disableOrganizationAdminAccountRequest) { ExecutionContext executionContext = createExecutionContext(disableOrganizationAdminAccountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DisableOrganizationAdminAccountRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(disableOrganizationAdminAccountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisableOrganizationAdminAccount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisableOrganizationAdminAccountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Disables Security Hub in your account only in the current Region. To disable Security Hub in all Regions, you * must submit one request per Region where you have enabled Security Hub. *

*

* When you disable Security Hub for an administrator account, it doesn't disable Security Hub for any associated * member accounts. *

*

* When you disable Security Hub, your existing findings and insights and any Security Hub configuration settings * are deleted after 90 days and cannot be recovered. Any standards that were enabled are disabled, and your * administrator and member account associations are removed. *

*

* If you want to save your existing findings, you must export them before you disable Security Hub. *

* * @param disableSecurityHubRequest * @return Result of the DisableSecurityHub operation returned by the service. * @throws InternalException * Internal server error. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DisableSecurityHub * @see AWS * API Documentation */ @Override public DisableSecurityHubResult disableSecurityHub(DisableSecurityHubRequest request) { request = beforeClientExecution(request); return executeDisableSecurityHub(request); } @SdkInternalApi final DisableSecurityHubResult executeDisableSecurityHub(DisableSecurityHubRequest disableSecurityHubRequest) { ExecutionContext executionContext = createExecutionContext(disableSecurityHubRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DisableSecurityHubRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(disableSecurityHubRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisableSecurityHub"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisableSecurityHubResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Disassociates the current Security Hub member account from the associated administrator account. *

*

* This operation is only used by accounts that are not part of an organization. For organization accounts, only the * administrator account can disassociate a member account. *

* * @param disassociateFromAdministratorAccountRequest * @return Result of the DisassociateFromAdministratorAccount operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DisassociateFromAdministratorAccount * @see AWS API Documentation */ @Override public DisassociateFromAdministratorAccountResult disassociateFromAdministratorAccount(DisassociateFromAdministratorAccountRequest request) { request = beforeClientExecution(request); return executeDisassociateFromAdministratorAccount(request); } @SdkInternalApi final DisassociateFromAdministratorAccountResult executeDisassociateFromAdministratorAccount( DisassociateFromAdministratorAccountRequest disassociateFromAdministratorAccountRequest) { ExecutionContext executionContext = createExecutionContext(disassociateFromAdministratorAccountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DisassociateFromAdministratorAccountRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(disassociateFromAdministratorAccountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisassociateFromAdministratorAccount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisassociateFromAdministratorAccountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* This method is deprecated. Instead, use DisassociateFromAdministratorAccount. *

*

* The Security Hub console continues to use DisassociateFromMasterAccount. It will eventually change * to use DisassociateFromAdministratorAccount. Any IAM policies that specifically control access to * this function must continue to use DisassociateFromMasterAccount. You should also add * DisassociateFromAdministratorAccount to your policies to ensure that the correct permissions are in * place after the console begins to use DisassociateFromAdministratorAccount. *

*

* Disassociates the current Security Hub member account from the associated administrator account. *

*

* This operation is only used by accounts that are not part of an organization. For organization accounts, only the * administrator account can disassociate a member account. *

* * @param disassociateFromMasterAccountRequest * @return Result of the DisassociateFromMasterAccount operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DisassociateFromMasterAccount * @see AWS API Documentation */ @Override @Deprecated public DisassociateFromMasterAccountResult disassociateFromMasterAccount(DisassociateFromMasterAccountRequest request) { request = beforeClientExecution(request); return executeDisassociateFromMasterAccount(request); } @SdkInternalApi final DisassociateFromMasterAccountResult executeDisassociateFromMasterAccount(DisassociateFromMasterAccountRequest disassociateFromMasterAccountRequest) { ExecutionContext executionContext = createExecutionContext(disassociateFromMasterAccountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DisassociateFromMasterAccountRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(disassociateFromMasterAccountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisassociateFromMasterAccount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisassociateFromMasterAccountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Disassociates the specified member accounts from the associated administrator account. *

*

* Can be used to disassociate both accounts that are managed using Organizations and accounts that were invited * manually. *

* * @param disassociateMembersRequest * @return Result of the DisassociateMembers operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.DisassociateMembers * @see AWS API Documentation */ @Override public DisassociateMembersResult disassociateMembers(DisassociateMembersRequest request) { request = beforeClientExecution(request); return executeDisassociateMembers(request); } @SdkInternalApi final DisassociateMembersResult executeDisassociateMembers(DisassociateMembersRequest disassociateMembersRequest) { ExecutionContext executionContext = createExecutionContext(disassociateMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new DisassociateMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(disassociateMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DisassociateMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DisassociateMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Enables the integration of a partner product with Security Hub. Integrated products send findings to Security * Hub. *

*

* When you enable a product integration, a permissions policy that grants permission for the product to send * findings to Security Hub is applied. *

* * @param enableImportFindingsForProductRequest * @return Result of the EnableImportFindingsForProduct operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceConflictException * The resource specified in the request conflicts with an existing resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.EnableImportFindingsForProduct * @see AWS API Documentation */ @Override public EnableImportFindingsForProductResult enableImportFindingsForProduct(EnableImportFindingsForProductRequest request) { request = beforeClientExecution(request); return executeEnableImportFindingsForProduct(request); } @SdkInternalApi final EnableImportFindingsForProductResult executeEnableImportFindingsForProduct(EnableImportFindingsForProductRequest enableImportFindingsForProductRequest) { ExecutionContext executionContext = createExecutionContext(enableImportFindingsForProductRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new EnableImportFindingsForProductRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(enableImportFindingsForProductRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "EnableImportFindingsForProduct"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new EnableImportFindingsForProductResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Designates the Security Hub administrator account for an organization. Can only be called by the organization * management account. *

* * @param enableOrganizationAdminAccountRequest * @return Result of the EnableOrganizationAdminAccount operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.EnableOrganizationAdminAccount * @see AWS API Documentation */ @Override public EnableOrganizationAdminAccountResult enableOrganizationAdminAccount(EnableOrganizationAdminAccountRequest request) { request = beforeClientExecution(request); return executeEnableOrganizationAdminAccount(request); } @SdkInternalApi final EnableOrganizationAdminAccountResult executeEnableOrganizationAdminAccount(EnableOrganizationAdminAccountRequest enableOrganizationAdminAccountRequest) { ExecutionContext executionContext = createExecutionContext(enableOrganizationAdminAccountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new EnableOrganizationAdminAccountRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(enableOrganizationAdminAccountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "EnableOrganizationAdminAccount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new EnableOrganizationAdminAccountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Enables Security Hub for your account in the current Region or the Region you specify in the request. *

*

* When you enable Security Hub, you grant to Security Hub the permissions necessary to gather findings from other * services that are integrated with Security Hub. *

*

* When you use the EnableSecurityHub operation to enable Security Hub, you also automatically enable * the following standards. *

*
    *
  • *

    * CIS Amazon Web Services Foundations *

    *
  • *
  • *

    * Amazon Web Services Foundational Security Best Practices *

    *
  • *
*

* You do not enable the Payment Card Industry Data Security Standard (PCI DSS) standard. *

*

* To not enable the automatically enabled standards, set EnableDefaultStandards to false. *

*

* After you enable Security Hub, to enable a standard, use the BatchEnableStandards operation. To * disable a standard, use the BatchDisableStandards operation. *

*

* To learn more, see the setup information * in the Security Hub User Guide. *

* * @param enableSecurityHubRequest * @return Result of the EnableSecurityHub operation returned by the service. * @throws InternalException * Internal server error. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceConflictException * The resource specified in the request conflicts with an existing resource. * @throws AccessDeniedException * You don't have permission to perform the action specified in the request. * @sample AWSSecurityHub.EnableSecurityHub * @see AWS * API Documentation */ @Override public EnableSecurityHubResult enableSecurityHub(EnableSecurityHubRequest request) { request = beforeClientExecution(request); return executeEnableSecurityHub(request); } @SdkInternalApi final EnableSecurityHubResult executeEnableSecurityHub(EnableSecurityHubRequest enableSecurityHubRequest) { ExecutionContext executionContext = createExecutionContext(enableSecurityHubRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new EnableSecurityHubRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(enableSecurityHubRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "EnableSecurityHub"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new EnableSecurityHubResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Provides the details for the Security Hub administrator account for the current member account. *

*

* Can be used by both member accounts that are managed using Organizations and accounts that were invited manually. *

* * @param getAdministratorAccountRequest * @return Result of the GetAdministratorAccount operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.GetAdministratorAccount * @see AWS API Documentation */ @Override public GetAdministratorAccountResult getAdministratorAccount(GetAdministratorAccountRequest request) { request = beforeClientExecution(request); return executeGetAdministratorAccount(request); } @SdkInternalApi final GetAdministratorAccountResult executeGetAdministratorAccount(GetAdministratorAccountRequest getAdministratorAccountRequest) { ExecutionContext executionContext = createExecutionContext(getAdministratorAccountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetAdministratorAccountRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(getAdministratorAccountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetAdministratorAccount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetAdministratorAccountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns a list of the standards that are currently enabled. *

* * @param getEnabledStandardsRequest * @return Result of the GetEnabledStandards operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.GetEnabledStandards * @see AWS API Documentation */ @Override public GetEnabledStandardsResult getEnabledStandards(GetEnabledStandardsRequest request) { request = beforeClientExecution(request); return executeGetEnabledStandards(request); } @SdkInternalApi final GetEnabledStandardsResult executeGetEnabledStandards(GetEnabledStandardsRequest getEnabledStandardsRequest) { ExecutionContext executionContext = createExecutionContext(getEnabledStandardsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetEnabledStandardsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getEnabledStandardsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetEnabledStandards"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetEnabledStandardsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns a list of findings that match the specified criteria. *

* * @param getFindingsRequest * @return Result of the GetFindings operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.GetFindings * @see AWS API * Documentation */ @Override public GetFindingsResult getFindings(GetFindingsRequest request) { request = beforeClientExecution(request); return executeGetFindings(request); } @SdkInternalApi final GetFindingsResult executeGetFindings(GetFindingsRequest getFindingsRequest) { ExecutionContext executionContext = createExecutionContext(getFindingsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetFindingsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getFindingsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetFindings"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetFindingsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Lists the results of the Security Hub insight specified by the insight ARN. *

* * @param getInsightResultsRequest * @return Result of the GetInsightResults operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.GetInsightResults * @see AWS * API Documentation */ @Override public GetInsightResultsResult getInsightResults(GetInsightResultsRequest request) { request = beforeClientExecution(request); return executeGetInsightResults(request); } @SdkInternalApi final GetInsightResultsResult executeGetInsightResults(GetInsightResultsRequest getInsightResultsRequest) { ExecutionContext executionContext = createExecutionContext(getInsightResultsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetInsightResultsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getInsightResultsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetInsightResults"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetInsightResultsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Lists and describes insights for the specified insight ARNs. *

* * @param getInsightsRequest * @return Result of the GetInsights operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.GetInsights * @see AWS API * Documentation */ @Override public GetInsightsResult getInsights(GetInsightsRequest request) { request = beforeClientExecution(request); return executeGetInsights(request); } @SdkInternalApi final GetInsightsResult executeGetInsights(GetInsightsRequest getInsightsRequest) { ExecutionContext executionContext = createExecutionContext(getInsightsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetInsightsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getInsightsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetInsights"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetInsightsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns the count of all Security Hub membership invitations that were sent to the current member account, not * including the currently accepted invitation. *

* * @param getInvitationsCountRequest * @return Result of the GetInvitationsCount operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.GetInvitationsCount * @see AWS API Documentation */ @Override public GetInvitationsCountResult getInvitationsCount(GetInvitationsCountRequest request) { request = beforeClientExecution(request); return executeGetInvitationsCount(request); } @SdkInternalApi final GetInvitationsCountResult executeGetInvitationsCount(GetInvitationsCountRequest getInvitationsCountRequest) { ExecutionContext executionContext = createExecutionContext(getInvitationsCountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetInvitationsCountRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getInvitationsCountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetInvitationsCount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetInvitationsCountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* This method is deprecated. Instead, use GetAdministratorAccount. *

*

* The Security Hub console continues to use GetMasterAccount. It will eventually change to use * GetAdministratorAccount. Any IAM policies that specifically control access to this function must * continue to use GetMasterAccount. You should also add GetAdministratorAccount to your * policies to ensure that the correct permissions are in place after the console begins to use * GetAdministratorAccount. *

*

* Provides the details for the Security Hub administrator account for the current member account. *

*

* Can be used by both member accounts that are managed using Organizations and accounts that were invited manually. *

* * @param getMasterAccountRequest * @return Result of the GetMasterAccount operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.GetMasterAccount * @see AWS * API Documentation */ @Override @Deprecated public GetMasterAccountResult getMasterAccount(GetMasterAccountRequest request) { request = beforeClientExecution(request); return executeGetMasterAccount(request); } @SdkInternalApi final GetMasterAccountResult executeGetMasterAccount(GetMasterAccountRequest getMasterAccountRequest) { ExecutionContext executionContext = createExecutionContext(getMasterAccountRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetMasterAccountRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getMasterAccountRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetMasterAccount"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetMasterAccountResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns the details for the Security Hub member accounts for the specified account IDs. *

*

* An administrator account can be either the delegated Security Hub administrator account for an organization or an * administrator account that enabled Security Hub manually. *

*

* The results include both member accounts that are managed using Organizations and accounts that were invited * manually. *

* * @param getMembersRequest * @return Result of the GetMembers operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.GetMembers * @see AWS API * Documentation */ @Override public GetMembersResult getMembers(GetMembersRequest request) { request = beforeClientExecution(request); return executeGetMembers(request); } @SdkInternalApi final GetMembersResult executeGetMembers(GetMembersRequest getMembersRequest) { ExecutionContext executionContext = createExecutionContext(getMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new GetMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(new JsonOperationMetadata() .withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account * that the invitation is sent from. *

*

* This operation is only used to invite accounts that do not belong to an organization. Organization accounts do * not receive invitations. *

*

* Before you can use this action to invite a member, you must first use the CreateMembers action to * create the member account in Security Hub. *

*

* When the account owner enables Security Hub and accepts the invitation to become a member account, the * administrator account can view the findings generated from the member account. *

* * @param inviteMembersRequest * @return Result of the InviteMembers operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.InviteMembers * @see AWS API * Documentation */ @Override public InviteMembersResult inviteMembers(InviteMembersRequest request) { request = beforeClientExecution(request); return executeInviteMembers(request); } @SdkInternalApi final InviteMembersResult executeInviteMembers(InviteMembersRequest inviteMembersRequest) { ExecutionContext executionContext = createExecutionContext(inviteMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new InviteMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(inviteMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "InviteMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new InviteMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security * Hub. *

* * @param listEnabledProductsForImportRequest * @return Result of the ListEnabledProductsForImport operation returned by the service. * @throws InternalException * Internal server error. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @sample AWSSecurityHub.ListEnabledProductsForImport * @see AWS API Documentation */ @Override public ListEnabledProductsForImportResult listEnabledProductsForImport(ListEnabledProductsForImportRequest request) { request = beforeClientExecution(request); return executeListEnabledProductsForImport(request); } @SdkInternalApi final ListEnabledProductsForImportResult executeListEnabledProductsForImport(ListEnabledProductsForImportRequest listEnabledProductsForImportRequest) { ExecutionContext executionContext = createExecutionContext(listEnabledProductsForImportRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListEnabledProductsForImportRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(listEnabledProductsForImportRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListEnabledProductsForImport"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListEnabledProductsForImportResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Lists all Security Hub membership invitations that were sent to the current Amazon Web Services account. *

*

* This operation is only used by accounts that are managed by invitation. Accounts that are managed using the * integration with Organizations do not receive invitations. *

* * @param listInvitationsRequest * @return Result of the ListInvitations operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.ListInvitations * @see AWS * API Documentation */ @Override public ListInvitationsResult listInvitations(ListInvitationsRequest request) { request = beforeClientExecution(request); return executeListInvitations(request); } @SdkInternalApi final ListInvitationsResult executeListInvitations(ListInvitationsRequest listInvitationsRequest) { ExecutionContext executionContext = createExecutionContext(listInvitationsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListInvitationsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listInvitationsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListInvitations"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListInvitationsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Lists details about all member accounts for the current Security Hub administrator account. *

*

* The results include both member accounts that belong to an organization and member accounts that were invited * manually. *

* * @param listMembersRequest * @return Result of the ListMembers operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.ListMembers * @see AWS API * Documentation */ @Override public ListMembersResult listMembers(ListMembersRequest request) { request = beforeClientExecution(request); return executeListMembers(request); } @SdkInternalApi final ListMembersResult executeListMembers(ListMembersRequest listMembersRequest) { ExecutionContext executionContext = createExecutionContext(listMembersRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListMembersRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listMembersRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListMembers"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListMembersResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Lists the Security Hub administrator accounts. Can only be called by the organization management account. *

* * @param listOrganizationAdminAccountsRequest * @return Result of the ListOrganizationAdminAccounts operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.ListOrganizationAdminAccounts * @see AWS API Documentation */ @Override public ListOrganizationAdminAccountsResult listOrganizationAdminAccounts(ListOrganizationAdminAccountsRequest request) { request = beforeClientExecution(request); return executeListOrganizationAdminAccounts(request); } @SdkInternalApi final ListOrganizationAdminAccountsResult executeListOrganizationAdminAccounts(ListOrganizationAdminAccountsRequest listOrganizationAdminAccountsRequest) { ExecutionContext executionContext = createExecutionContext(listOrganizationAdminAccountsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListOrganizationAdminAccountsRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(listOrganizationAdminAccountsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListOrganizationAdminAccounts"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListOrganizationAdminAccountsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Returns a list of tags associated with a resource. *

* * @param listTagsForResourceRequest * @return Result of the ListTagsForResource operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.ListTagsForResource * @see AWS API Documentation */ @Override public ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest request) { request = beforeClientExecution(request); return executeListTagsForResource(request); } @SdkInternalApi final ListTagsForResourceResult executeListTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest) { ExecutionContext executionContext = createExecutionContext(listTagsForResourceRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new ListTagsForResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listTagsForResourceRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListTagsForResource"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListTagsForResourceResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Adds one or more tags to a resource. *

* * @param tagResourceRequest * @return Result of the TagResource operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.TagResource * @see AWS API * Documentation */ @Override public TagResourceResult tagResource(TagResourceRequest request) { request = beforeClientExecution(request); return executeTagResource(request); } @SdkInternalApi final TagResourceResult executeTagResource(TagResourceRequest tagResourceRequest) { ExecutionContext executionContext = createExecutionContext(tagResourceRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new TagResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(tagResourceRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "TagResource"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new TagResourceResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Removes one or more tags from a resource. *

* * @param untagResourceRequest * @return Result of the UntagResource operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.UntagResource * @see AWS API * Documentation */ @Override public UntagResourceResult untagResource(UntagResourceRequest request) { request = beforeClientExecution(request); return executeUntagResource(request); } @SdkInternalApi final UntagResourceResult executeUntagResource(UntagResourceRequest untagResourceRequest) { ExecutionContext executionContext = createExecutionContext(untagResourceRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UntagResourceRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(untagResourceRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UntagResource"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UntagResourceResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Updates the name and description of a custom action target in Security Hub. *

* * @param updateActionTargetRequest * @return Result of the UpdateActionTarget operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.UpdateActionTarget * @see AWS * API Documentation */ @Override public UpdateActionTargetResult updateActionTarget(UpdateActionTargetRequest request) { request = beforeClientExecution(request); return executeUpdateActionTarget(request); } @SdkInternalApi final UpdateActionTargetResult executeUpdateActionTarget(UpdateActionTargetRequest updateActionTargetRequest) { ExecutionContext executionContext = createExecutionContext(updateActionTargetRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateActionTargetRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateActionTargetRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateActionTarget"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateActionTargetResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* UpdateFindings is deprecated. Instead of UpdateFindings, use * BatchUpdateFindings. *

*

* Updates the Note and RecordState of the Security Hub-aggregated findings that the * filter attributes specify. Any member account that can view the finding also sees the update to the finding. *

* * @param updateFindingsRequest * @return Result of the UpdateFindings operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.UpdateFindings * @see AWS API * Documentation */ @Override public UpdateFindingsResult updateFindings(UpdateFindingsRequest request) { request = beforeClientExecution(request); return executeUpdateFindings(request); } @SdkInternalApi final UpdateFindingsResult executeUpdateFindings(UpdateFindingsRequest updateFindingsRequest) { ExecutionContext executionContext = createExecutionContext(updateFindingsRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateFindingsRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateFindingsRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateFindings"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateFindingsResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Updates the Security Hub insight identified by the specified insight ARN. *

* * @param updateInsightRequest * @return Result of the UpdateInsight operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.UpdateInsight * @see AWS API * Documentation */ @Override public UpdateInsightResult updateInsight(UpdateInsightRequest request) { request = beforeClientExecution(request); return executeUpdateInsight(request); } @SdkInternalApi final UpdateInsightResult executeUpdateInsight(UpdateInsightRequest updateInsightRequest) { ExecutionContext executionContext = createExecutionContext(updateInsightRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateInsightRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateInsightRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateInsight"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateInsightResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Used to update the configuration related to Organizations. Can only be called from a Security Hub administrator * account. *

* * @param updateOrganizationConfigurationRequest * @return Result of the UpdateOrganizationConfiguration operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @sample AWSSecurityHub.UpdateOrganizationConfiguration * @see AWS API Documentation */ @Override public UpdateOrganizationConfigurationResult updateOrganizationConfiguration(UpdateOrganizationConfigurationRequest request) { request = beforeClientExecution(request); return executeUpdateOrganizationConfiguration(request); } @SdkInternalApi final UpdateOrganizationConfigurationResult executeUpdateOrganizationConfiguration( UpdateOrganizationConfigurationRequest updateOrganizationConfigurationRequest) { ExecutionContext executionContext = createExecutionContext(updateOrganizationConfigurationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateOrganizationConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(updateOrganizationConfigurationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateOrganizationConfiguration"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateOrganizationConfigurationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Updates configuration options for Security Hub. *

* * @param updateSecurityHubConfigurationRequest * @return Result of the UpdateSecurityHubConfiguration operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current Amazon Web Services * account or throttling limits. The error code describes the limit exceeded. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.UpdateSecurityHubConfiguration * @see AWS API Documentation */ @Override public UpdateSecurityHubConfigurationResult updateSecurityHubConfiguration(UpdateSecurityHubConfigurationRequest request) { request = beforeClientExecution(request); return executeUpdateSecurityHubConfiguration(request); } @SdkInternalApi final UpdateSecurityHubConfigurationResult executeUpdateSecurityHubConfiguration(UpdateSecurityHubConfigurationRequest updateSecurityHubConfigurationRequest) { ExecutionContext executionContext = createExecutionContext(updateSecurityHubConfigurationRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateSecurityHubConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super .beforeMarshalling(updateSecurityHubConfigurationRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateSecurityHubConfiguration"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateSecurityHubConfigurationResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** *

* Used to control whether an individual security standard control is enabled or disabled. *

* * @param updateStandardsControlRequest * @return Result of the UpdateStandardsControl operation returned by the service. * @throws InternalException * Internal server error. * @throws InvalidInputException * The request was rejected because you supplied an invalid or out-of-range value for an input parameter. * @throws InvalidAccessException * There is an issue with the account used to make the request. Either Security Hub is not enabled for the * account, or the account does not have permission to perform this action. * @throws ResourceNotFoundException * The request was rejected because we can't find the specified resource. * @sample AWSSecurityHub.UpdateStandardsControl * @see AWS API Documentation */ @Override public UpdateStandardsControlResult updateStandardsControl(UpdateStandardsControlRequest request) { request = beforeClientExecution(request); return executeUpdateStandardsControl(request); } @SdkInternalApi final UpdateStandardsControlResult executeUpdateStandardsControl(UpdateStandardsControlRequest updateStandardsControlRequest) { ExecutionContext executionContext = createExecutionContext(updateStandardsControlRequest); AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); awsRequestMetrics.startEvent(Field.ClientExecuteTime); Request request = null; Response response = null; try { awsRequestMetrics.startEvent(Field.RequestMarshallTime); try { request = new UpdateStandardsControlRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(updateStandardsControlRequest)); // Binds the request metrics to the current request. request.setAWSRequestMetrics(awsRequestMetrics); request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint); request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden()); request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion()); request.addHandlerContext(HandlerContextKey.SERVICE_ID, "SecurityHub"); request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateStandardsControl"); request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig); } finally { awsRequestMetrics.endEvent(Field.RequestMarshallTime); } HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler( new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new UpdateStandardsControlResultJsonUnmarshaller()); response = invoke(request, responseHandler, executionContext); return response.getAwsResponse(); } finally { endClientExecution(awsRequestMetrics, request, response); } } /** * Returns additional metadata for a previously executed successful, request, typically used for debugging issues * where a service isn't acting as expected. This data isn't considered part of the result data returned by an * operation, so it's available through this separate, diagnostic interface. *

* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic * information for an executed request, you should use this method to retrieve it as soon as possible after * executing the request. * * @param request * The originally executed request * * @return The response metadata for the specified request, or null if none is available. */ public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request) { return client.getResponseMetadataForRequest(request); } /** * Normal invoke with authentication. Credentials are required and may be overriden at the request level. **/ private Response invoke(Request request, HttpResponseHandler> responseHandler, ExecutionContext executionContext) { return invoke(request, responseHandler, executionContext, null, null); } /** * Normal invoke with authentication. Credentials are required and may be overriden at the request level. **/ private Response invoke(Request request, HttpResponseHandler> responseHandler, ExecutionContext executionContext, URI cachedEndpoint, URI uriFromEndpointTrait) { executionContext.setCredentialsProvider(CredentialUtils.getCredentialsProvider(request.getOriginalRequest(), awsCredentialsProvider)); return doInvoke(request, responseHandler, executionContext, cachedEndpoint, uriFromEndpointTrait); } /** * Invoke with no authentication. Credentials are not required and any credentials set on the client or request will * be ignored for this operation. **/ private Response anonymousInvoke(Request request, HttpResponseHandler> responseHandler, ExecutionContext executionContext) { return doInvoke(request, responseHandler, executionContext, null, null); } /** * Invoke the request using the http client. Assumes credentials (or lack thereof) have been configured in the * ExecutionContext beforehand. **/ private Response doInvoke(Request request, HttpResponseHandler> responseHandler, ExecutionContext executionContext, URI discoveredEndpoint, URI uriFromEndpointTrait) { if (discoveredEndpoint != null) { request.setEndpoint(discoveredEndpoint); request.getOriginalRequest().getRequestClientOptions().appendUserAgent("endpoint-discovery"); } else if (uriFromEndpointTrait != null) { request.setEndpoint(uriFromEndpointTrait); } else { request.setEndpoint(endpoint); } request.setTimeOffset(timeOffset); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(new JsonErrorResponseMetadata()); return client.execute(request, responseHandler, errorResponseHandler, executionContext); } @com.amazonaws.annotation.SdkInternalApi static com.amazonaws.protocol.json.SdkJsonProtocolFactory getProtocolFactory() { return protocolFactory; } @Override public void shutdown() { super.shutdown(); } }





© 2015 - 2025 Weber Informatics LLC | Privacy Policy