:doc:`SecurityHub <../../securityhub>` / Client / update_security_hub_configuration

*********************************
update_security_hub_configuration
*********************************



.. py:method:: SecurityHub.Client.update_security_hub_configuration(**kwargs)

  

  Updates configuration options for Security Hub.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityHubConfiguration>`_  


  **Request Syntax**
  ::

    response = client.update_security_hub_configuration(
        AutoEnableControls=True|False,
        ControlFindingGenerator='STANDARD_CONTROL'|'SECURITY_CONTROL'
    )
    
  :type AutoEnableControls: boolean
  :param AutoEnableControls: 

    Whether to automatically enable new controls when they are added to standards that are enabled.

     

    By default, this is set to ``true``, and new controls are enabled automatically. To not automatically enable new controls, set this to ``false``.

     

    When you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of ``DISABLED``. It can take up to several days for Security Hub to process the control release and designate the control as ``ENABLED`` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have ``AutoEnableControls`` set to ``true``.

    

  
  :type ControlFindingGenerator: string
  :param ControlFindingGenerator: 

    Updates whether the calling account has consolidated control findings turned on. If the value for this field is set to ``SECURITY_CONTROL``, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.

     

    If the value for this field is set to ``STANDARD_CONTROL``, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.

     

    For accounts that are part of an organization, this value can only be updated in the administrator account.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {}
      
    **Response Structure**

    

    - *(dict) --* 
  
  **Exceptions**
  
  *   :py:class:`SecurityHub.Client.exceptions.InternalException`

  
  *   :py:class:`SecurityHub.Client.exceptions.InvalidInputException`

  
  *   :py:class:`SecurityHub.Client.exceptions.InvalidAccessException`

  
  *   :py:class:`SecurityHub.Client.exceptions.LimitExceededException`

  
  *   :py:class:`SecurityHub.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`SecurityHub.Client.exceptions.AccessDeniedException`

  