1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
// Code generated by smithy-go-codegen DO NOT EDIT.
// Package securityhub provides the API client, operations, and parameter types
// for AWS SecurityHub.
//
// Security Hub provides you with a comprehensive view of your security state in
// Amazon Web Services and helps you assess your Amazon Web Services environment
// against security industry standards and best practices.
//
// Security Hub collects security data across Amazon Web Services accounts, Amazon
// Web Services, and supported third-party products and helps you analyze your
// security trends and identify the highest priority security issues.
//
// To help you manage the security state of your organization, Security Hub
// supports multiple security standards. These include the Amazon Web Services
// Foundational Security Best Practices (FSBP) standard developed by Amazon Web
// Services, and external compliance frameworks such as the Center for Internet
// Security (CIS), the Payment Card Industry Data Security Standard (PCI DSS), and
// the National Institute of Standards and Technology (NIST). Each standard
// includes several security controls, each of which represents a security best
// practice. Security Hub runs checks against security controls and generates
// control findings to help you assess your compliance against security best
// practices.
//
// In addition to generating control findings, Security Hub also receives findings
// from other Amazon Web Services, such as Amazon GuardDuty and Amazon Inspector,
// and supported third-party products. This gives you a single pane of glass into a
// variety of security-related issues. You can also send Security Hub findings to
// other Amazon Web Services and supported third-party products.
//
// Security Hub offers automation features that help you triage and remediate
// security issues. For example, you can use automation rules to automatically
// update critical findings when a security check fails. You can also leverage the
// integration with Amazon EventBridge to trigger automatic responses to specific
// findings.
//
// This guide, the Security Hub API Reference, provides information about the
// Security Hub API. This includes supported resources, HTTP methods, parameters,
// and schemas. If you're new to Security Hub, you might find it helpful to also
// review the [Security Hub User Guide]. The user guide explains key concepts and provides procedures that
// demonstrate how to use Security Hub features. It also provides information about
// topics such as integrating Security Hub with other Amazon Web Services.
//
// In addition to interacting with Security Hub by making calls to the Security
// Hub API, you can use a current version of an Amazon Web Services command line
// tool or SDK. Amazon Web Services provides tools and SDKs that consist of
// libraries and sample code for various languages and platforms, such as
// PowerShell, Java, Go, Python, C++, and .NET. These tools and SDKs provide
// convenient, programmatic access to Security Hub and other Amazon Web Services .
// They also handle tasks such as signing requests, managing errors, and retrying
// requests automatically. For information about installing and using the Amazon
// Web Services tools and SDKs, see [Tools to Build on Amazon Web Services].
//
// With the exception of operations that are related to central configuration,
// Security Hub API requests are executed only in the Amazon Web Services Region
// that is currently active or in the specific Amazon Web Services Region that you
// specify in your request. Any configuration or settings change that results from
// the operation is applied only to that Region. To make the same change in other
// Regions, call the same API operation in each Region in which you want to apply
// the change. When you use central configuration, API requests for enabling
// Security Hub, standards, and controls are executed in the home Region and all
// linked Regions. For a list of central configuration operations, see the [Central configuration terms and concepts]section
// of the Security Hub User Guide.
//
// The following throttling limits apply to Security Hub API operations.
//
// - BatchEnableStandards - RateLimit of 1 request per second. BurstLimit of 1
// request per second.
//
// - GetFindings - RateLimit of 3 requests per second. BurstLimit of 6 requests
// per second.
//
// - BatchImportFindings - RateLimit of 10 requests per second. BurstLimit of 30
// requests per second.
//
// - BatchUpdateFindings - RateLimit of 10 requests per second. BurstLimit of 30
// requests per second.
//
// - UpdateStandardsControl - RateLimit of 1 request per second. BurstLimit of 5
// requests per second.
//
// - All other operations - RateLimit of 10 requests per second. BurstLimit of 30
// requests per second.
//
// [Security Hub User Guide]: https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html
// [Tools to Build on Amazon Web Services]: http://aws.amazon.com/developer/tools/
// [Central configuration terms and concepts]: https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html#central-configuration-concepts
package securityhub
|
