com.amazonaws.services.securityhub.AWSSecurityHub Maven / Gradle / Ivy
/*
* Copyright 2016-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.securityhub;
import javax.annotation.Generated;
import com.amazonaws.*;
import com.amazonaws.regions.*;
import com.amazonaws.services.securityhub.model.*;
/**
* Interface for accessing AWS SecurityHub.
*
* Note: Do not directly implement this interface, new methods are added to it regularly. Extend from
* {@link com.amazonaws.services.securityhub.AbstractAWSSecurityHub} instead.
*
*
*
* Security Hub provides you with a comprehensive view of the security state of your Amazon Web Services environment and
* resources. It also provides you with the readiness status of your environment based on controls from supported
* security standards. Security Hub collects security data from Amazon Web Services accounts, services, and integrated
* third-party products and helps you analyze security trends in your environment to identify the highest priority
* security issues. For more information about Security Hub, see the Security HubUser Guide .
*
*
* When you use operations in the Security Hub API, the requests are executed only in the Amazon Web Services Region
* that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any
* configuration or settings change that results from the operation is applied only to that Region. To make the same
* change in other Regions, execute the same command for each Region to apply the change to.
*
*
* For example, if your Region is set to us-west-2
, when you use CreateMembers
to add a member
* account to Security Hub, the association of the member account with the administrator account is created only in the
* us-west-2
Region. Security Hub must be enabled for the member account in the same Region that the
* invitation was sent from.
*
*
* The following throttling limits apply to using Security Hub API operations.
*
*
* -
*
* BatchEnableStandards
- RateLimit
of 1 request per second, BurstLimit
of 1
* request per second.
*
*
* -
*
* GetFindings
- RateLimit
of 3 requests per second. BurstLimit
of 6 requests per
* second.
*
*
* -
*
* UpdateFindings
- RateLimit
of 1 request per second. BurstLimit
of 5 requests
* per second.
*
*
* -
*
* UpdateStandardsControl
- RateLimit
of 1 request per second, BurstLimit
of 5
* requests per second.
*
*
* -
*
* All other operations - RateLimit
of 10 requests per second. BurstLimit
of 30 requests per
* second.
*
*
*
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public interface AWSSecurityHub {
/**
* The region metadata service name for computing region endpoints. You can use this value to retrieve metadata
* (such as supported regions) of the service.
*
* @see RegionUtils#getRegionsForService(String)
*/
String ENDPOINT_PREFIX = "securityhub";
/**
*
* Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the
* invitation was sent from.
*
*
* This operation is only used by member accounts that are not added through Organizations.
*
*
* When the member account accepts the invitation, permission is granted to the administrator account to view
* findings generated in the member account.
*
*
* @param acceptAdministratorInvitationRequest
* @return Result of the AcceptAdministratorInvitation operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @sample AWSSecurityHub.AcceptAdministratorInvitation
* @see AWS API Documentation
*/
AcceptAdministratorInvitationResult acceptAdministratorInvitation(AcceptAdministratorInvitationRequest acceptAdministratorInvitationRequest);
/**
*
* This method is deprecated. Instead, use AcceptAdministratorInvitation
.
*
*
* The Security Hub console continues to use AcceptInvitation
. It will eventually change to use
* AcceptAdministratorInvitation
. Any IAM policies that specifically control access to this function
* must continue to use AcceptInvitation
. You should also add
* AcceptAdministratorInvitation
to your policies to ensure that the correct permissions are in place
* after the console begins to use AcceptAdministratorInvitation
.
*
*
* Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the
* invitation was sent from.
*
*
* This operation is only used by member accounts that are not added through Organizations.
*
*
* When the member account accepts the invitation, permission is granted to the administrator account to view
* findings generated in the member account.
*
*
* @param acceptInvitationRequest
* @return Result of the AcceptInvitation operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @sample AWSSecurityHub.AcceptInvitation
* @see AWS
* API Documentation
*/
@Deprecated
AcceptInvitationResult acceptInvitation(AcceptInvitationRequest acceptInvitationRequest);
/**
*
* Disables the standards specified by the provided StandardsSubscriptionArns
.
*
*
* For more information, see Security Standards
* section of the Security Hub User Guide.
*
*
* @param batchDisableStandardsRequest
* @return Result of the BatchDisableStandards operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.BatchDisableStandards
* @see AWS API Documentation
*/
BatchDisableStandardsResult batchDisableStandards(BatchDisableStandardsRequest batchDisableStandardsRequest);
/**
*
* Enables the standards specified by the provided StandardsArn
. To obtain the ARN for a standard, use
* the DescribeStandards
operation.
*
*
* For more information, see the Security Standards
* section of the Security Hub User Guide.
*
*
* @param batchEnableStandardsRequest
* @return Result of the BatchEnableStandards operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.BatchEnableStandards
* @see AWS API Documentation
*/
BatchEnableStandardsResult batchEnableStandards(BatchEnableStandardsRequest batchEnableStandardsRequest);
/**
*
* Imports security findings generated from an integrated product into Security Hub. This action is requested by the
* integrated product to import its findings into Security Hub.
*
*
* The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.
*
*
* After a finding is created, BatchImportFindings
cannot be used to update the following finding
* fields and objects, which Security Hub customers use to manage their investigation workflow.
*
*
* -
*
* Note
*
*
* -
*
* UserDefinedFields
*
*
* -
*
* VerificationState
*
*
* -
*
* Workflow
*
*
*
*
* Finding providers also should not use BatchImportFindings
to update the following attributes.
*
*
* -
*
* Confidence
*
*
* -
*
* Criticality
*
*
* -
*
* RelatedFindings
*
*
* -
*
* Severity
*
*
* -
*
* Types
*
*
*
*
* Instead, finding providers use FindingProviderFields
to provide values for these attributes.
*
*
* @param batchImportFindingsRequest
* @return Result of the BatchImportFindings operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @sample AWSSecurityHub.BatchImportFindings
* @see AWS API Documentation
*/
BatchImportFindingsResult batchImportFindings(BatchImportFindingsRequest batchImportFindingsRequest);
/**
*
* Used by Security Hub customers to update information about their investigation into a finding. Requested by
* administrator accounts or member accounts. Administrator accounts can update findings for their account and their
* member accounts. Member accounts can update findings for their account.
*
*
* Updates from BatchUpdateFindings
do not affect the value of UpdatedAt
for a finding.
*
*
* Administrator and member accounts can use BatchUpdateFindings
to update the following finding fields
* and objects.
*
*
* -
*
* Confidence
*
*
* -
*
* Criticality
*
*
* -
*
* Note
*
*
* -
*
* RelatedFindings
*
*
* -
*
* Severity
*
*
* -
*
* Types
*
*
* -
*
* UserDefinedFields
*
*
* -
*
* VerificationState
*
*
* -
*
* Workflow
*
*
*
*
* You can configure IAM policies to restrict access to fields and field values. For example, you might not want
* member accounts to be able to suppress findings or change the finding severity. See Configuring access to BatchUpdateFindings in the Security Hub User Guide.
*
*
* @param batchUpdateFindingsRequest
* @return Result of the BatchUpdateFindings operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @sample AWSSecurityHub.BatchUpdateFindings
* @see AWS API Documentation
*/
BatchUpdateFindingsResult batchUpdateFindings(BatchUpdateFindingsRequest batchUpdateFindingsRequest);
/**
*
* Creates a custom action target in Security Hub.
*
*
* You can use custom actions on findings and insights in Security Hub to trigger target actions in Amazon
* CloudWatch Events.
*
*
* @param createActionTargetRequest
* @return Result of the CreateActionTarget operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @sample AWSSecurityHub.CreateActionTarget
* @see AWS
* API Documentation
*/
CreateActionTargetResult createActionTarget(CreateActionTargetRequest createActionTargetRequest);
/**
*
* Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security
* issue that requires attention or remediation.
*
*
* To group the related findings in the insight, use the GroupByAttribute
.
*
*
* @param createInsightRequest
* @return Result of the CreateInsight operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @sample AWSSecurityHub.CreateInsight
* @see AWS API
* Documentation
*/
CreateInsightResult createInsight(CreateInsightRequest createInsightRequest);
/**
*
* Creates a member association in Security Hub between the specified accounts and the account used to make the
* request, which is the administrator account. If you are integrated with Organizations, then the administrator
* account is designated by the organization management account.
*
*
* CreateMembers
is always used to add accounts that are not organization members.
*
*
* For accounts that are managed using Organizations, CreateMembers
is only used in the following
* cases:
*
*
* -
*
* Security Hub is not configured to automatically add new organization accounts.
*
*
* -
*
* The account was disassociated or deleted in Security Hub.
*
*
*
*
* This action can only be used by an account that has Security Hub enabled. To enable Security Hub, you can use the
* EnableSecurityHub
operation.
*
*
* For accounts that are not organization members, you create the account association and then send an invitation to
* the member account. To send the invitation, you use the InviteMembers
operation. If the account
* owner accepts the invitation, the account becomes a member account in Security Hub.
*
*
* Accounts that are managed using Organizations do not receive an invitation. They automatically become a member
* account in Security Hub, and Security Hub is automatically enabled for those accounts. Note that Security Hub
* cannot be enabled automatically for the organization management account. The organization management account must
* enable Security Hub before the administrator account enables it as a member account.
*
*
* A permissions policy is added that permits the administrator account to view the findings generated in the member
* account. When Security Hub is enabled in a member account, the member account findings are also visible to the
* administrator account.
*
*
* To remove the association between the administrator and member accounts, use the
* DisassociateFromMasterAccount
or DisassociateMembers
operation.
*
*
* @param createMembersRequest
* @return Result of the CreateMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @sample AWSSecurityHub.CreateMembers
* @see AWS API
* Documentation
*/
CreateMembersResult createMembers(CreateMembersRequest createMembersRequest);
/**
*
* Declines invitations to become a member account.
*
*
* This operation is only used by accounts that are not part of an organization. Organization accounts do not
* receive invitations.
*
*
* @param declineInvitationsRequest
* @return Result of the DeclineInvitations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeclineInvitations
* @see AWS
* API Documentation
*/
DeclineInvitationsResult declineInvitations(DeclineInvitationsRequest declineInvitationsRequest);
/**
*
* Deletes a custom action target from Security Hub.
*
*
* Deleting a custom action target does not affect any findings or insights that were already sent to Amazon
* CloudWatch Events using the custom action.
*
*
* @param deleteActionTargetRequest
* @return Result of the DeleteActionTarget operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeleteActionTarget
* @see AWS
* API Documentation
*/
DeleteActionTargetResult deleteActionTarget(DeleteActionTargetRequest deleteActionTargetRequest);
/**
*
* Deletes the insight specified by the InsightArn
.
*
*
* @param deleteInsightRequest
* @return Result of the DeleteInsight operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeleteInsight
* @see AWS API
* Documentation
*/
DeleteInsightResult deleteInsight(DeleteInsightRequest deleteInsightRequest);
/**
*
* Deletes invitations received by the Amazon Web Services account to become a member account.
*
*
* This operation is only used by accounts that are not part of an organization. Organization accounts do not
* receive invitations.
*
*
* @param deleteInvitationsRequest
* @return Result of the DeleteInvitations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @sample AWSSecurityHub.DeleteInvitations
* @see AWS
* API Documentation
*/
DeleteInvitationsResult deleteInvitations(DeleteInvitationsRequest deleteInvitationsRequest);
/**
*
* Deletes the specified member accounts from Security Hub.
*
*
* Can be used to delete member accounts that belong to an organization as well as member accounts that were invited
* manually.
*
*
* @param deleteMembersRequest
* @return Result of the DeleteMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DeleteMembers
* @see AWS API
* Documentation
*/
DeleteMembersResult deleteMembers(DeleteMembersRequest deleteMembersRequest);
/**
*
* Returns a list of the custom action targets in Security Hub in your account.
*
*
* @param describeActionTargetsRequest
* @return Result of the DescribeActionTargets operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DescribeActionTargets
* @see AWS API Documentation
*/
DescribeActionTargetsResult describeActionTargets(DescribeActionTargetsRequest describeActionTargetsRequest);
/**
*
* Returns details about the Hub resource in your account, including the HubArn
and the time when you
* enabled Security Hub.
*
*
* @param describeHubRequest
* @return Result of the DescribeHub operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DescribeHub
* @see AWS API
* Documentation
*/
DescribeHubResult describeHub(DescribeHubRequest describeHubRequest);
/**
*
* Returns information about the Organizations configuration for Security Hub. Can only be called from a Security
* Hub administrator account.
*
*
* @param describeOrganizationConfigurationRequest
* @return Result of the DescribeOrganizationConfiguration operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.DescribeOrganizationConfiguration
* @see AWS API Documentation
*/
DescribeOrganizationConfigurationResult describeOrganizationConfiguration(DescribeOrganizationConfigurationRequest describeOrganizationConfigurationRequest);
/**
*
* Returns information about product integrations in Security Hub.
*
*
* You can optionally provide an integration ARN. If you provide an integration ARN, then the results only include
* that integration.
*
*
* If you do not provide an integration ARN, then the results include all of the available product integrations.
*
*
* @param describeProductsRequest
* @return Result of the DescribeProducts operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @sample AWSSecurityHub.DescribeProducts
* @see AWS
* API Documentation
*/
DescribeProductsResult describeProducts(DescribeProductsRequest describeProductsRequest);
/**
*
* Returns a list of the available standards in Security Hub.
*
*
* For each standard, the results include the standard ARN, the name, and a description.
*
*
* @param describeStandardsRequest
* @return Result of the DescribeStandards operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @sample AWSSecurityHub.DescribeStandards
* @see AWS
* API Documentation
*/
DescribeStandardsResult describeStandards(DescribeStandardsRequest describeStandardsRequest);
/**
*
* Returns a list of security standards controls.
*
*
* For each control, the results include information about whether it is currently enabled, the severity, and a link
* to remediation information.
*
*
* @param describeStandardsControlsRequest
* @return Result of the DescribeStandardsControls operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DescribeStandardsControls
* @see AWS API Documentation
*/
DescribeStandardsControlsResult describeStandardsControls(DescribeStandardsControlsRequest describeStandardsControlsRequest);
/**
*
* Disables the integration of the specified product with Security Hub. After the integration is disabled, findings
* from that product are no longer sent to Security Hub.
*
*
* @param disableImportFindingsForProductRequest
* @return Result of the DisableImportFindingsForProduct operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.DisableImportFindingsForProduct
* @see AWS API Documentation
*/
DisableImportFindingsForProductResult disableImportFindingsForProduct(DisableImportFindingsForProductRequest disableImportFindingsForProductRequest);
/**
*
* Disables a Security Hub administrator account. Can only be called by the organization management account.
*
*
* @param disableOrganizationAdminAccountRequest
* @return Result of the DisableOrganizationAdminAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.DisableOrganizationAdminAccount
* @see AWS API Documentation
*/
DisableOrganizationAdminAccountResult disableOrganizationAdminAccount(DisableOrganizationAdminAccountRequest disableOrganizationAdminAccountRequest);
/**
*
* Disables Security Hub in your account only in the current Region. To disable Security Hub in all Regions, you
* must submit one request per Region where you have enabled Security Hub.
*
*
* When you disable Security Hub for an administrator account, it doesn't disable Security Hub for any associated
* member accounts.
*
*
* When you disable Security Hub, your existing findings and insights and any Security Hub configuration settings
* are deleted after 90 days and cannot be recovered. Any standards that were enabled are disabled, and your
* administrator and member account associations are removed.
*
*
* If you want to save your existing findings, you must export them before you disable Security Hub.
*
*
* @param disableSecurityHubRequest
* @return Result of the DisableSecurityHub operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DisableSecurityHub
* @see AWS
* API Documentation
*/
DisableSecurityHubResult disableSecurityHub(DisableSecurityHubRequest disableSecurityHubRequest);
/**
*
* Disassociates the current Security Hub member account from the associated administrator account.
*
*
* This operation is only used by accounts that are not part of an organization. For organization accounts, only the
* administrator account can disassociate a member account.
*
*
* @param disassociateFromAdministratorAccountRequest
* @return Result of the DisassociateFromAdministratorAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DisassociateFromAdministratorAccount
* @see AWS API Documentation
*/
DisassociateFromAdministratorAccountResult disassociateFromAdministratorAccount(
DisassociateFromAdministratorAccountRequest disassociateFromAdministratorAccountRequest);
/**
*
* This method is deprecated. Instead, use DisassociateFromAdministratorAccount
.
*
*
* The Security Hub console continues to use DisassociateFromMasterAccount
. It will eventually change
* to use DisassociateFromAdministratorAccount
. Any IAM policies that specifically control access to
* this function must continue to use DisassociateFromMasterAccount
. You should also add
* DisassociateFromAdministratorAccount
to your policies to ensure that the correct permissions are in
* place after the console begins to use DisassociateFromAdministratorAccount
.
*
*
* Disassociates the current Security Hub member account from the associated administrator account.
*
*
* This operation is only used by accounts that are not part of an organization. For organization accounts, only the
* administrator account can disassociate a member account.
*
*
* @param disassociateFromMasterAccountRequest
* @return Result of the DisassociateFromMasterAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DisassociateFromMasterAccount
* @see AWS API Documentation
*/
@Deprecated
DisassociateFromMasterAccountResult disassociateFromMasterAccount(DisassociateFromMasterAccountRequest disassociateFromMasterAccountRequest);
/**
*
* Disassociates the specified member accounts from the associated administrator account.
*
*
* Can be used to disassociate both accounts that are managed using Organizations and accounts that were invited
* manually.
*
*
* @param disassociateMembersRequest
* @return Result of the DisassociateMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.DisassociateMembers
* @see AWS API Documentation
*/
DisassociateMembersResult disassociateMembers(DisassociateMembersRequest disassociateMembersRequest);
/**
*
* Enables the integration of a partner product with Security Hub. Integrated products send findings to Security
* Hub.
*
*
* When you enable a product integration, a permissions policy that grants permission for the product to send
* findings to Security Hub is applied.
*
*
* @param enableImportFindingsForProductRequest
* @return Result of the EnableImportFindingsForProduct operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.EnableImportFindingsForProduct
* @see AWS API Documentation
*/
EnableImportFindingsForProductResult enableImportFindingsForProduct(EnableImportFindingsForProductRequest enableImportFindingsForProductRequest);
/**
*
* Designates the Security Hub administrator account for an organization. Can only be called by the organization
* management account.
*
*
* @param enableOrganizationAdminAccountRequest
* @return Result of the EnableOrganizationAdminAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.EnableOrganizationAdminAccount
* @see AWS API Documentation
*/
EnableOrganizationAdminAccountResult enableOrganizationAdminAccount(EnableOrganizationAdminAccountRequest enableOrganizationAdminAccountRequest);
/**
*
* Enables Security Hub for your account in the current Region or the Region you specify in the request.
*
*
* When you enable Security Hub, you grant to Security Hub the permissions necessary to gather findings from other
* services that are integrated with Security Hub.
*
*
* When you use the EnableSecurityHub
operation to enable Security Hub, you also automatically enable
* the following standards.
*
*
* -
*
* CIS Amazon Web Services Foundations
*
*
* -
*
* Amazon Web Services Foundational Security Best Practices
*
*
*
*
* You do not enable the Payment Card Industry Data Security Standard (PCI DSS) standard.
*
*
* To not enable the automatically enabled standards, set EnableDefaultStandards
to false
.
*
*
* After you enable Security Hub, to enable a standard, use the BatchEnableStandards
operation. To
* disable a standard, use the BatchDisableStandards
operation.
*
*
* To learn more, see the setup information
* in the Security Hub User Guide.
*
*
* @param enableSecurityHubRequest
* @return Result of the EnableSecurityHub operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceConflictException
* The resource specified in the request conflicts with an existing resource.
* @throws AccessDeniedException
* You don't have permission to perform the action specified in the request.
* @sample AWSSecurityHub.EnableSecurityHub
* @see AWS
* API Documentation
*/
EnableSecurityHubResult enableSecurityHub(EnableSecurityHubRequest enableSecurityHubRequest);
/**
*
* Provides the details for the Security Hub administrator account for the current member account.
*
*
* Can be used by both member accounts that are managed using Organizations and accounts that were invited manually.
*
*
* @param getAdministratorAccountRequest
* @return Result of the GetAdministratorAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetAdministratorAccount
* @see AWS API Documentation
*/
GetAdministratorAccountResult getAdministratorAccount(GetAdministratorAccountRequest getAdministratorAccountRequest);
/**
*
* Returns a list of the standards that are currently enabled.
*
*
* @param getEnabledStandardsRequest
* @return Result of the GetEnabledStandards operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.GetEnabledStandards
* @see AWS API Documentation
*/
GetEnabledStandardsResult getEnabledStandards(GetEnabledStandardsRequest getEnabledStandardsRequest);
/**
*
* Returns a list of findings that match the specified criteria.
*
*
* @param getFindingsRequest
* @return Result of the GetFindings operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.GetFindings
* @see AWS API
* Documentation
*/
GetFindingsResult getFindings(GetFindingsRequest getFindingsRequest);
/**
*
* Lists the results of the Security Hub insight specified by the insight ARN.
*
*
* @param getInsightResultsRequest
* @return Result of the GetInsightResults operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetInsightResults
* @see AWS
* API Documentation
*/
GetInsightResultsResult getInsightResults(GetInsightResultsRequest getInsightResultsRequest);
/**
*
* Lists and describes insights for the specified insight ARNs.
*
*
* @param getInsightsRequest
* @return Result of the GetInsights operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetInsights
* @see AWS API
* Documentation
*/
GetInsightsResult getInsights(GetInsightsRequest getInsightsRequest);
/**
*
* Returns the count of all Security Hub membership invitations that were sent to the current member account, not
* including the currently accepted invitation.
*
*
* @param getInvitationsCountRequest
* @return Result of the GetInvitationsCount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.GetInvitationsCount
* @see AWS API Documentation
*/
GetInvitationsCountResult getInvitationsCount(GetInvitationsCountRequest getInvitationsCountRequest);
/**
*
* This method is deprecated. Instead, use GetAdministratorAccount
.
*
*
* The Security Hub console continues to use GetMasterAccount
. It will eventually change to use
* GetAdministratorAccount
. Any IAM policies that specifically control access to this function must
* continue to use GetMasterAccount
. You should also add GetAdministratorAccount
to your
* policies to ensure that the correct permissions are in place after the console begins to use
* GetAdministratorAccount
.
*
*
* Provides the details for the Security Hub administrator account for the current member account.
*
*
* Can be used by both member accounts that are managed using Organizations and accounts that were invited manually.
*
*
* @param getMasterAccountRequest
* @return Result of the GetMasterAccount operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetMasterAccount
* @see AWS
* API Documentation
*/
@Deprecated
GetMasterAccountResult getMasterAccount(GetMasterAccountRequest getMasterAccountRequest);
/**
*
* Returns the details for the Security Hub member accounts for the specified account IDs.
*
*
* An administrator account can be either the delegated Security Hub administrator account for an organization or an
* administrator account that enabled Security Hub manually.
*
*
* The results include both member accounts that are managed using Organizations and accounts that were invited
* manually.
*
*
* @param getMembersRequest
* @return Result of the GetMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.GetMembers
* @see AWS API
* Documentation
*/
GetMembersResult getMembers(GetMembersRequest getMembersRequest);
/**
*
* Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account
* that the invitation is sent from.
*
*
* This operation is only used to invite accounts that do not belong to an organization. Organization accounts do
* not receive invitations.
*
*
* Before you can use this action to invite a member, you must first use the CreateMembers
action to
* create the member account in Security Hub.
*
*
* When the account owner enables Security Hub and accepts the invitation to become a member account, the
* administrator account can view the findings generated from the member account.
*
*
* @param inviteMembersRequest
* @return Result of the InviteMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.InviteMembers
* @see AWS API
* Documentation
*/
InviteMembersResult inviteMembers(InviteMembersRequest inviteMembersRequest);
/**
*
* Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security
* Hub.
*
*
* @param listEnabledProductsForImportRequest
* @return Result of the ListEnabledProductsForImport operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @sample AWSSecurityHub.ListEnabledProductsForImport
* @see AWS API Documentation
*/
ListEnabledProductsForImportResult listEnabledProductsForImport(ListEnabledProductsForImportRequest listEnabledProductsForImportRequest);
/**
*
* Lists all Security Hub membership invitations that were sent to the current Amazon Web Services account.
*
*
* This operation is only used by accounts that are managed by invitation. Accounts that are managed using the
* integration with Organizations do not receive invitations.
*
*
* @param listInvitationsRequest
* @return Result of the ListInvitations operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.ListInvitations
* @see AWS
* API Documentation
*/
ListInvitationsResult listInvitations(ListInvitationsRequest listInvitationsRequest);
/**
*
* Lists details about all member accounts for the current Security Hub administrator account.
*
*
* The results include both member accounts that belong to an organization and member accounts that were invited
* manually.
*
*
* @param listMembersRequest
* @return Result of the ListMembers operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.ListMembers
* @see AWS API
* Documentation
*/
ListMembersResult listMembers(ListMembersRequest listMembersRequest);
/**
*
* Lists the Security Hub administrator accounts. Can only be called by the organization management account.
*
*
* @param listOrganizationAdminAccountsRequest
* @return Result of the ListOrganizationAdminAccounts operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.ListOrganizationAdminAccounts
* @see AWS API Documentation
*/
ListOrganizationAdminAccountsResult listOrganizationAdminAccounts(ListOrganizationAdminAccountsRequest listOrganizationAdminAccountsRequest);
/**
*
* Returns a list of tags associated with a resource.
*
*
* @param listTagsForResourceRequest
* @return Result of the ListTagsForResource operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.ListTagsForResource
* @see AWS API Documentation
*/
ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest);
/**
*
* Adds one or more tags to a resource.
*
*
* @param tagResourceRequest
* @return Result of the TagResource operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.TagResource
* @see AWS API
* Documentation
*/
TagResourceResult tagResource(TagResourceRequest tagResourceRequest);
/**
*
* Removes one or more tags from a resource.
*
*
* @param untagResourceRequest
* @return Result of the UntagResource operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UntagResource
* @see AWS API
* Documentation
*/
UntagResourceResult untagResource(UntagResourceRequest untagResourceRequest);
/**
*
* Updates the name and description of a custom action target in Security Hub.
*
*
* @param updateActionTargetRequest
* @return Result of the UpdateActionTarget operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateActionTarget
* @see AWS
* API Documentation
*/
UpdateActionTargetResult updateActionTarget(UpdateActionTargetRequest updateActionTargetRequest);
/**
*
* UpdateFindings
is deprecated. Instead of UpdateFindings
, use
* BatchUpdateFindings
.
*
*
* Updates the Note
and RecordState
of the Security Hub-aggregated findings that the
* filter attributes specify. Any member account that can view the finding also sees the update to the finding.
*
*
* @param updateFindingsRequest
* @return Result of the UpdateFindings operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateFindings
* @see AWS API
* Documentation
*/
UpdateFindingsResult updateFindings(UpdateFindingsRequest updateFindingsRequest);
/**
*
* Updates the Security Hub insight identified by the specified insight ARN.
*
*
* @param updateInsightRequest
* @return Result of the UpdateInsight operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateInsight
* @see AWS API
* Documentation
*/
UpdateInsightResult updateInsight(UpdateInsightRequest updateInsightRequest);
/**
*
* Used to update the configuration related to Organizations. Can only be called from a Security Hub administrator
* account.
*
*
* @param updateOrganizationConfigurationRequest
* @return Result of the UpdateOrganizationConfiguration operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @sample AWSSecurityHub.UpdateOrganizationConfiguration
* @see AWS API Documentation
*/
UpdateOrganizationConfigurationResult updateOrganizationConfiguration(UpdateOrganizationConfigurationRequest updateOrganizationConfigurationRequest);
/**
*
* Updates configuration options for Security Hub.
*
*
* @param updateSecurityHubConfigurationRequest
* @return Result of the UpdateSecurityHubConfiguration operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current Amazon Web Services
* account or throttling limits. The error code describes the limit exceeded.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateSecurityHubConfiguration
* @see AWS API Documentation
*/
UpdateSecurityHubConfigurationResult updateSecurityHubConfiguration(UpdateSecurityHubConfigurationRequest updateSecurityHubConfigurationRequest);
/**
*
* Used to control whether an individual security standard control is enabled or disabled.
*
*
* @param updateStandardsControlRequest
* @return Result of the UpdateStandardsControl operation returned by the service.
* @throws InternalException
* Internal server error.
* @throws InvalidInputException
* The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
* @throws InvalidAccessException
* There is an issue with the account used to make the request. Either Security Hub is not enabled for the
* account, or the account does not have permission to perform this action.
* @throws ResourceNotFoundException
* The request was rejected because we can't find the specified resource.
* @sample AWSSecurityHub.UpdateStandardsControl
* @see AWS API Documentation
*/
UpdateStandardsControlResult updateStandardsControl(UpdateStandardsControlRequest updateStandardsControlRequest);
/**
* Shuts down this client object, releasing any resources that might be held open. This is an optional method, and
* callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client
* has been shutdown, it should not be used to make any more requests.
*/
void shutdown();
/**
* Returns additional metadata for a previously executed successful request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing a request.
*
* @param request
* The originally executed request.
*
* @return The response metadata for the specified request, or null if none is available.
*/
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}