AWS SecurityHub

2020/01/15 - AWS SecurityHub - 2 new api methods

Changes  Add support for DescribeStandardsControls and UpdateStandardsControl. These new Security Hub API operations are used to track and manage whether a compliance standards control is enabled.

UpdateStandardsControl (new) Link ¶

Used to control whether an individual compliance standard control is enabled or disabled.

See also: AWS API Documentation

Request Syntax

client.update_standards_control(
    StandardsControlArn='string',
    ControlStatus='ENABLED'|'DISABLED',
    DisabledReason='string'
)
type StandardsControlArn

string

param StandardsControlArn

[REQUIRED]

The ARN of the compliance standard control to enable or disable.

type ControlStatus

string

param ControlStatus

The updated status of the compliance standard control.

type DisabledReason

string

param DisabledReason

A description of the reason why you are disabling a compliance standard control.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

DescribeStandardsControls (new) Link ¶

Returns a list of compliance standards controls.

For each control, the results include information about whether it is currently enabled, the severity, and a link to remediation information.

See also: AWS API Documentation

Request Syntax

client.describe_standards_controls(
    StandardsSubscriptionArn='string',
    NextToken='string',
    MaxResults=123
)
type StandardsSubscriptionArn

string

param StandardsSubscriptionArn

[REQUIRED]

The ARN of a resource that represents your subscription to a supported standard.

type NextToken

string

param NextToken

For requests to get the next page of results, the pagination token that was returned with the previous set of results. The initial request does not include a pagination token.

type MaxResults

integer

param MaxResults

The maximum number of compliance standard controls to return.

rtype

dict

returns

Response Syntax

{
    'Controls': [
        {
            'StandardsControlArn': 'string',
            'ControlStatus': 'ENABLED'|'DISABLED',
            'DisabledReason': 'string',
            'ControlStatusUpdatedAt': datetime(2015, 1, 1),
            'ControlId': 'string',
            'Title': 'string',
            'Description': 'string',
            'RemediationUrl': 'string',
            'SeverityRating': 'LOW'|'MEDIUM'|'HIGH'|'CRITICAL'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Controls (list) --

      A list of compliance standards controls.

      • (dict) --

        Details for an individual compliance standard control.

        • StandardsControlArn (string) --

          The ARN of the compliance standard control.

        • ControlStatus (string) --

          The current status of the compliance standard control. Indicates whether the control is enabled or disabled. Security Hub does not check against disabled controls.

        • DisabledReason (string) --

          The reason provided for the most recent change in status for the control.

        • ControlStatusUpdatedAt (datetime) --

          The date and time that the status of the compliance standard control was most recently updated.

        • ControlId (string) --

          The identifier of the compliance standard control.

        • Title (string) --

          The title of the compliance standard control.

        • Description (string) --

          The longer description of the compliance standard control. Provides information about what the control is checking for.

        • RemediationUrl (string) --

          A link to remediation information for the control in the Security Hub user documentation

        • SeverityRating (string) --

          The severity of findings generated from this compliance standard control.

          The finding severity is based on an assessment of how easy it would be to compromise AWS resources if the compliance issue is detected.

    • NextToken (string) --

      If there are more compliance standards control remaining in the results, then this is the pagination token to use to request the next page of compliance standard controls.