

***********
SecurityHub
***********



======
Client
======



.. py:class:: SecurityHub.Client

  A low-level client representing AWS SecurityHub
  

  Security Hub provides you with a comprehensive view of your security state in Amazon Web Services and helps you assess your Amazon Web Services environment against security industry standards and best practices.

   

  Security Hub collects security data across Amazon Web Services accounts, Amazon Web Services services, and supported third-party products and helps you analyze your security trends and identify the highest priority security issues.

   

  To help you manage the security state of your organization, Security Hub supports multiple security standards. These include the Amazon Web Services Foundational Security Best Practices (FSBP) standard developed by Amazon Web Services, and external compliance frameworks such as the Center for Internet Security (CIS), the Payment Card Industry Data Security Standard (PCI DSS), and the National Institute of Standards and Technology (NIST). Each standard includes several security controls, each of which represents a security best practice. Security Hub runs checks against security controls and generates control findings to help you assess your compliance against security best practices.

   

  In addition to generating control findings, Security Hub also receives findings from other Amazon Web Services services, such as Amazon GuardDuty and Amazon Inspector, and supported third-party products. This gives you a single pane of glass into a variety of security-related issues. You can also send Security Hub findings to other Amazon Web Services services and supported third-party products.

   

  Security Hub offers automation features that help you triage and remediate security issues. For example, you can use automation rules to automatically update critical findings when a security check fails. You can also leverage the integration with Amazon EventBridge to trigger automatic responses to specific findings.

   

  This guide, the *Security Hub API Reference*, provides information about the Security Hub API. This includes supported resources, HTTP methods, parameters, and schemas. If you're new to Security Hub, you might find it helpful to also review the `Security Hub User Guide <https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html>`__. The user guide explains key concepts and provides procedures that demonstrate how to use Security Hub features. It also provides information about topics such as integrating Security Hub with other Amazon Web Services services.

   

  In addition to interacting with Security Hub by making calls to the Security Hub API, you can use a current version of an Amazon Web Services command line tool or SDK. Amazon Web Services provides tools and SDKs that consist of libraries and sample code for various languages and platforms, such as PowerShell, Java, Go, Python, C++, and .NET. These tools and SDKs provide convenient, programmatic access to Security Hub and other Amazon Web Services services . They also handle tasks such as signing requests, managing errors, and retrying requests automatically. For information about installing and using the Amazon Web Services tools and SDKs, see `Tools to Build on Amazon Web Services <http://aws.amazon.com/developer/tools/>`__.

   

  With the exception of operations that are related to central configuration, Security Hub API requests are executed only in the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change that results from the operation is applied only to that Region. To make the same change in other Regions, call the same API operation in each Region in which you want to apply the change. When you use central configuration, API requests for enabling Security Hub, standards, and controls are executed in the home Region and all linked Regions. For a list of central configuration operations, see the `Central configuration terms and concepts <https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html#central-configuration-concepts>`__ section of the *Security Hub User Guide*.

   

  The following throttling limits apply to Security Hub API operations.

   

  
  * ``BatchEnableStandards`` - ``RateLimit`` of 1 request per second. ``BurstLimit`` of 1 request per second.
   
  * ``GetFindings`` - ``RateLimit`` of 3 requests per second. ``BurstLimit`` of 6 requests per second.
   
  * ``BatchImportFindings`` - ``RateLimit`` of 10 requests per second. ``BurstLimit`` of 30 requests per second.
   
  * ``BatchUpdateFindings`` - ``RateLimit`` of 10 requests per second. ``BurstLimit`` of 30 requests per second.
   
  * ``UpdateStandardsControl`` - ``RateLimit`` of 1 request per second. ``BurstLimit`` of 5 requests per second.
   
  * All other operations - ``RateLimit`` of 10 requests per second. ``BurstLimit`` of 30 requests per second.
  

  ::

    
    import boto3
    
    client = boto3.client('securityhub')

  

These are the available methods:

.. toctree::
  :maxdepth: 1
  :titlesonly:

  securityhub/client/accept_administrator_invitation
  securityhub/client/accept_invitation
  securityhub/client/batch_delete_automation_rules
  securityhub/client/batch_disable_standards
  securityhub/client/batch_enable_standards
  securityhub/client/batch_get_automation_rules
  securityhub/client/batch_get_configuration_policy_associations
  securityhub/client/batch_get_security_controls
  securityhub/client/batch_get_standards_control_associations
  securityhub/client/batch_import_findings
  securityhub/client/batch_update_automation_rules
  securityhub/client/batch_update_findings
  securityhub/client/batch_update_findings_v2
  securityhub/client/batch_update_standards_control_associations
  securityhub/client/can_paginate
  securityhub/client/close
  securityhub/client/create_action_target
  securityhub/client/create_aggregator_v2
  securityhub/client/create_automation_rule
  securityhub/client/create_automation_rule_v2
  securityhub/client/create_configuration_policy
  securityhub/client/create_connector_v2
  securityhub/client/create_finding_aggregator
  securityhub/client/create_insight
  securityhub/client/create_members
  securityhub/client/create_ticket_v2
  securityhub/client/decline_invitations
  securityhub/client/delete_action_target
  securityhub/client/delete_aggregator_v2
  securityhub/client/delete_automation_rule_v2
  securityhub/client/delete_configuration_policy
  securityhub/client/delete_connector_v2
  securityhub/client/delete_finding_aggregator
  securityhub/client/delete_insight
  securityhub/client/delete_invitations
  securityhub/client/delete_members
  securityhub/client/describe_action_targets
  securityhub/client/describe_hub
  securityhub/client/describe_organization_configuration
  securityhub/client/describe_products
  securityhub/client/describe_products_v2
  securityhub/client/describe_security_hub_v2
  securityhub/client/describe_standards
  securityhub/client/describe_standards_controls
  securityhub/client/disable_import_findings_for_product
  securityhub/client/disable_organization_admin_account
  securityhub/client/disable_security_hub
  securityhub/client/disable_security_hub_v2
  securityhub/client/disassociate_from_administrator_account
  securityhub/client/disassociate_from_master_account
  securityhub/client/disassociate_members
  securityhub/client/enable_import_findings_for_product
  securityhub/client/enable_organization_admin_account
  securityhub/client/enable_security_hub
  securityhub/client/enable_security_hub_v2
  securityhub/client/get_administrator_account
  securityhub/client/get_aggregator_v2
  securityhub/client/get_automation_rule_v2
  securityhub/client/get_configuration_policy
  securityhub/client/get_configuration_policy_association
  securityhub/client/get_connector_v2
  securityhub/client/get_enabled_standards
  securityhub/client/get_finding_aggregator
  securityhub/client/get_finding_history
  securityhub/client/get_finding_statistics_v2
  securityhub/client/get_findings
  securityhub/client/get_findings_trends_v2
  securityhub/client/get_findings_v2
  securityhub/client/get_insight_results
  securityhub/client/get_insights
  securityhub/client/get_invitations_count
  securityhub/client/get_master_account
  securityhub/client/get_members
  securityhub/client/get_paginator
  securityhub/client/get_resources_statistics_v2
  securityhub/client/get_resources_trends_v2
  securityhub/client/get_resources_v2
  securityhub/client/get_security_control_definition
  securityhub/client/get_waiter
  securityhub/client/invite_members
  securityhub/client/list_aggregators_v2
  securityhub/client/list_automation_rules
  securityhub/client/list_automation_rules_v2
  securityhub/client/list_configuration_policies
  securityhub/client/list_configuration_policy_associations
  securityhub/client/list_connectors_v2
  securityhub/client/list_enabled_products_for_import
  securityhub/client/list_finding_aggregators
  securityhub/client/list_invitations
  securityhub/client/list_members
  securityhub/client/list_organization_admin_accounts
  securityhub/client/list_security_control_definitions
  securityhub/client/list_standards_control_associations
  securityhub/client/list_tags_for_resource
  securityhub/client/register_connector_v2
  securityhub/client/start_configuration_policy_association
  securityhub/client/start_configuration_policy_disassociation
  securityhub/client/tag_resource
  securityhub/client/untag_resource
  securityhub/client/update_action_target
  securityhub/client/update_aggregator_v2
  securityhub/client/update_automation_rule_v2
  securityhub/client/update_configuration_policy
  securityhub/client/update_connector_v2
  securityhub/client/update_finding_aggregator
  securityhub/client/update_findings
  securityhub/client/update_insight
  securityhub/client/update_organization_configuration
  securityhub/client/update_security_control
  securityhub/client/update_security_hub_configuration
  securityhub/client/update_standards_control


==========
Paginators
==========


Paginators are available on a client instance via the ``get_paginator`` method. For more detailed instructions and examples on the usage of paginators, see the paginators `user guide <https://boto3.amazonaws.com/v1/documentation/api/latest/guide/paginators.html>`_.

The available paginators are:

.. toctree::
  :maxdepth: 1
  :titlesonly:

  securityhub/paginator/DescribeActionTargets
  securityhub/paginator/DescribeProducts
  securityhub/paginator/DescribeProductsV2
  securityhub/paginator/DescribeStandards
  securityhub/paginator/DescribeStandardsControls
  securityhub/paginator/GetEnabledStandards
  securityhub/paginator/GetFindingHistory
  securityhub/paginator/GetFindings
  securityhub/paginator/GetFindingsTrendsV2
  securityhub/paginator/GetFindingsV2
  securityhub/paginator/GetInsights
  securityhub/paginator/GetResourcesTrendsV2
  securityhub/paginator/GetResourcesV2
  securityhub/paginator/ListAggregatorsV2
  securityhub/paginator/ListConfigurationPolicies
  securityhub/paginator/ListConfigurationPolicyAssociations
  securityhub/paginator/ListEnabledProductsForImport
  securityhub/paginator/ListFindingAggregators
  securityhub/paginator/ListInvitations
  securityhub/paginator/ListMembers
  securityhub/paginator/ListOrganizationAdminAccounts
  securityhub/paginator/ListSecurityControlDefinitions
  securityhub/paginator/ListStandardsControlAssociations
