Data retrieval APIs for AWS Security Hub - AWS Online Register of Data Formats

Data retrieval APIs for AWS Security Hub

AWS Security Hub provides the following APIs for data retrieval.

Actions Description Access level
BatchGetAutomationRulesRetrieve a list of details for automation rules from Security Hub based on rule Amazon Resource Names (ARNs)Read
BatchGetConfigurationPolicyAssociationsRetrieve information about configuration policies associated with a specific list of member accounts and organizational units of the calling account's organizationRead
BatchGetControlEvaluationsGet the enablement and compliance status of controls, the findings count for controls, and the overall security score for controls on the Security Hub consoleRead
BatchGetSecurityControlsGet details about specific security controls identified by ID or ARNRead
BatchGetStandardsControlAssociationsGet the enablement status of a batch of security controls in standardsRead
DescribeActionTargetsRetrieve a list of custom actions using the APIRead
DescribeHubRetrieve information about the hub resource in your accountRead
DescribeOrganizationConfigurationDescribe the organization configuration for Security HubRead
DescribeProductsRetrieve information about the available Security Hub product integrationsRead
DescribeProductsV2Retrieve information about the available Security Hub V2 product integrationsRead
DescribeSecurityHubV2Retrieve information about the hub V2 resource in your accountRead
DescribeStandardsRetrieve information about Security Hub standardsRead
DescribeStandardsControlsRetrieve information about Security Hub standards controlsRead
GetAdhocInsightResultsRetrieve aggregated statistical data about the findingsRead
GetAdministratorAccountRetrieve details about the Security Hub administrator accountRead
GetAggregatorV2Retrieve details for an aggregatorV2, which configures data aggregation across RegionsRead
GetAutomationRuleV2Retrieve details for an automation rule V2 from Security Hub based on rule Amazon Resource Name (ARN)Read
GetConfigurationPolicyGet a complete overview of one configuration policy created by the calling accountRead
GetConfigurationPolicyAssociationRetrieve information about a configuration policy associated with a member account or organizational unit of the calling account's organizationRead
GetConnectorV2Retrieve details for a connector V2 from Security Hub based on connector idRead
GetControlFindingSummaryRetrieve a security score and counts of finding and control statuses for a security standardRead
GetEnabledStandardsRetrieve a list of the standards that are enabled in Security HubList
GetFindingAggregatorRetrieve details for a finding aggregator, which configures finding aggregation across RegionsRead
GetFindingHistoryRetrieve a list of finding history from Security HubRead
GetFindingsRetrieve a list of findings from Security HubRead
GetFindingsTrendsV2Retrieve findings trendsRead
GetFreeTrialEndDateRetrieve the end date for an account's free trial of Security HubRead
GetFreeTrialUsageRetrieve information about Security Hub usage during the free trial periodRead
GetInsightFindingTrendRetrieve an insight finding trend from Security Hub in order to generate a graphRead
GetInsightResultsRetrieve insight results from Security HubRead
GetInsightsRetrieve Security Hub insightsList
GetInvitationsCountRetrieve the count of Security Hub membership invitations sent to the accountRead
GetMasterAccountRetrieve details about the Security Hub master accountRead
GetMembersRetrieve the details of Security Hub member accountsRead
GetResourcesStatisticsV2Retrieve aggregate statistics about resourcesRead
GetResourcesTrendsV2Retrieve resources trendsRead
GetResourcesV2Retrieve a list of resourcesRead
GetSecurityControlDefinitionGet the definition details of a specific security control identified by IDRead
GetUsageRetrieve information about Security Hub usage by accountsRead
ListAggregatorsV2Retrieve a list of aggregatorsV2, which configures data aggregation across RegionsList
ListAutomationRulesRetrieve a list of automation rules and their metadata for the calling account from Security HubList
ListAutomationRulesV2Retrieve a list of automation rules V2 and their metadata for the calling account from Security HubList
ListConfigurationPoliciesList the summaries of all configuration policies created by the calling accountList
ListConfigurationPolicyAssociationsRetrieve information about all configuration policies associationed with all member accounts and organizational units of the calling account's organizationList
ListConnectorsV2Retrieve a list of connectors V2 and their metadata for the calling account from Security HubList
ListControlEvaluationSummariesRetrieve a list of controls for a standard, including the control IDs, statuses and finding countsRead
ListEnabledProductsForImportRetrieve the Security Hub integrated products that are currently enabledList
ListFindingAggregatorsRetrieve a list of finding aggregators, which contain the cross-Region finding aggregation configurationList
ListInvitationsRetrieve the Security Hub invitations sent to the accountList
ListMembersRetrieve details about Security Hub member accounts associated with the administrator accountList
ListOrganizationAdminAccountsList the Security Hub administrator accounts for your organizationList
ListSecurityControlDefinitionsRetrieve a list of security control definitions, which contain details for security controls in the current regionList
ListStandardsControlAssociationsList the enablement status of a security control in standardsList
ListTagsForResourceList of tags associated with a resourceRead
SendFindingEventsUse a custom action to send Security Hub findings to Amazon EventBridgeRead
SendInsightEventsUse a custom action to send Security Hub insights to Amazon EventBridgeRead