Documentation

Overview

Package securityhub provides the client and types for making API requests to AWS SecurityHub.

Security Hub provides you with a comprehensive view of the security state of your AWS environment and resources. It also provides you with the readiness status of your environment based on controls from supported security standards. Security Hub collects security data from AWS accounts, services, and integrated third-party products and helps you analyze security trends in your environment to identify the highest priority security issues. For more information about Security Hub, see the AWS Security Hub User Guide (https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html) .

When you use operations in the Security Hub API, the requests are executed only in the AWS Region that is currently active or in the specific AWS Region that you specify in your request. Any configuration or settings change that results from the operation is applied only to that Region. To make the same change in other Regions, execute the same command for each Region to apply the change to.

For example, if your Region is set to us-west-2, when you use CreateMembers to add a member account to Security Hub, the association of the member account with the master account is created only in the us-west-2 Region. Security Hub must be enabled for the member account in the same Region that the invitation was sent from.

The following throttling limits apply to using Security Hub API operations.

* GetFindings - RateLimit of 3 requests per second. BurstLimit of 6 requests
per second.

* UpdateFindings - RateLimit of 1 request per second. BurstLimit of 5
requests per second.

* All other operations - RateLimit of 10 requests per second. BurstLimit
of 30 requests per second.

See https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26 for more information on this service.

See securityhub package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/securityhub/

Using the Client

To contact AWS SecurityHub with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the AWS SecurityHub client SecurityHub for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/securityhub/#New

Index

Constants

View Source
const (
	// AwsIamAccessKeyStatusActive is a AwsIamAccessKeyStatus enum value
	AwsIamAccessKeyStatusActive = "Active"

	// AwsIamAccessKeyStatusInactive is a AwsIamAccessKeyStatus enum value
	AwsIamAccessKeyStatusInactive = "Inactive"
)
View Source
const (
	// ComplianceStatusPassed is a ComplianceStatus enum value
	ComplianceStatusPassed = "PASSED"

	// ComplianceStatusWarning is a ComplianceStatus enum value
	ComplianceStatusWarning = "WARNING"

	// ComplianceStatusFailed is a ComplianceStatus enum value
	ComplianceStatusFailed = "FAILED"

	// ComplianceStatusNotAvailable is a ComplianceStatus enum value
	ComplianceStatusNotAvailable = "NOT_AVAILABLE"
)
View Source
const (
	// ControlStatusEnabled is a ControlStatus enum value
	ControlStatusEnabled = "ENABLED"

	// ControlStatusDisabled is a ControlStatus enum value
	ControlStatusDisabled = "DISABLED"
)
View Source
const (
	// IntegrationTypeSendFindingsToSecurityHub is a IntegrationType enum value
	IntegrationTypeSendFindingsToSecurityHub = "SEND_FINDINGS_TO_SECURITY_HUB"

	// IntegrationTypeReceiveFindingsFromSecurityHub is a IntegrationType enum value
	IntegrationTypeReceiveFindingsFromSecurityHub = "RECEIVE_FINDINGS_FROM_SECURITY_HUB"
)
View Source
const (
	// MalwareStateObserved is a MalwareState enum value
	MalwareStateObserved = "OBSERVED"

	// MalwareStateRemovalFailed is a MalwareState enum value
	MalwareStateRemovalFailed = "REMOVAL_FAILED"

	// MalwareStateRemoved is a MalwareState enum value
	MalwareStateRemoved = "REMOVED"
)
View Source
const (
	// MalwareTypeAdware is a MalwareType enum value
	MalwareTypeAdware = "ADWARE"

	// MalwareTypeBlendedThreat is a MalwareType enum value
	MalwareTypeBlendedThreat = "BLENDED_THREAT"

	// MalwareTypeBotnetAgent is a MalwareType enum value
	MalwareTypeBotnetAgent = "BOTNET_AGENT"

	// MalwareTypeCoinMiner is a MalwareType enum value
	MalwareTypeCoinMiner = "COIN_MINER"

	// MalwareTypeExploitKit is a MalwareType enum value
	MalwareTypeExploitKit = "EXPLOIT_KIT"

	// MalwareTypeKeylogger is a MalwareType enum value
	MalwareTypeKeylogger = "KEYLOGGER"

	// MalwareTypeMacro is a MalwareType enum value
	MalwareTypeMacro = "MACRO"

	// MalwareTypePotentiallyUnwanted is a MalwareType enum value
	MalwareTypePotentiallyUnwanted = "POTENTIALLY_UNWANTED"

	// MalwareTypeSpyware is a MalwareType enum value
	MalwareTypeSpyware = "SPYWARE"

	// MalwareTypeRansomware is a MalwareType enum value
	MalwareTypeRansomware = "RANSOMWARE"

	// MalwareTypeRemoteAccess is a MalwareType enum value
	MalwareTypeRemoteAccess = "REMOTE_ACCESS"

	// MalwareTypeRootkit is a MalwareType enum value
	MalwareTypeRootkit = "ROOTKIT"

	// MalwareTypeTrojan is a MalwareType enum value
	MalwareTypeTrojan = "TROJAN"

	// MalwareTypeVirus is a MalwareType enum value
	MalwareTypeVirus = "VIRUS"

	// MalwareTypeWorm is a MalwareType enum value
	MalwareTypeWorm = "WORM"
)
View Source
const (
	// NetworkDirectionIn is a NetworkDirection enum value
	NetworkDirectionIn = "IN"

	// NetworkDirectionOut is a NetworkDirection enum value
	NetworkDirectionOut = "OUT"
)
View Source
const (
	// PartitionAws is a Partition enum value
	PartitionAws = "aws"

	// PartitionAwsCn is a Partition enum value
	PartitionAwsCn = "aws-cn"

	// PartitionAwsUsGov is a Partition enum value
	PartitionAwsUsGov = "aws-us-gov"
)
View Source
const (
	// RecordStateActive is a RecordState enum value
	RecordStateActive = "ACTIVE"

	// RecordStateArchived is a RecordState enum value
	RecordStateArchived = "ARCHIVED"
)
View Source
const (
	// SeverityLabelInformational is a SeverityLabel enum value
	SeverityLabelInformational = "INFORMATIONAL"

	// SeverityLabelLow is a SeverityLabel enum value
	SeverityLabelLow = "LOW"

	// SeverityLabelMedium is a SeverityLabel enum value
	SeverityLabelMedium = "MEDIUM"

	// SeverityLabelHigh is a SeverityLabel enum value
	SeverityLabelHigh = "HIGH"

	// SeverityLabelCritical is a SeverityLabel enum value
	SeverityLabelCritical = "CRITICAL"
)
View Source
const (
	// SeverityRatingLow is a SeverityRating enum value
	SeverityRatingLow = "LOW"

	// SeverityRatingMedium is a SeverityRating enum value
	SeverityRatingMedium = "MEDIUM"

	// SeverityRatingHigh is a SeverityRating enum value
	SeverityRatingHigh = "HIGH"

	// SeverityRatingCritical is a SeverityRating enum value
	SeverityRatingCritical = "CRITICAL"
)
View Source
const (
	// SortOrderAsc is a SortOrder enum value
	SortOrderAsc = "asc"

	// SortOrderDesc is a SortOrder enum value
	SortOrderDesc = "desc"
)
View Source
const (
	// StandardsStatusPending is a StandardsStatus enum value
	StandardsStatusPending = "PENDING"

	// StandardsStatusReady is a StandardsStatus enum value
	StandardsStatusReady = "READY"

	// StandardsStatusFailed is a StandardsStatus enum value
	StandardsStatusFailed = "FAILED"

	// StandardsStatusDeleting is a StandardsStatus enum value
	StandardsStatusDeleting = "DELETING"

	// StandardsStatusIncomplete is a StandardsStatus enum value
	StandardsStatusIncomplete = "INCOMPLETE"
)
View Source
const (
	// StringFilterComparisonEquals is a StringFilterComparison enum value
	StringFilterComparisonEquals = "EQUALS"

	// StringFilterComparisonPrefix is a StringFilterComparison enum value
	StringFilterComparisonPrefix = "PREFIX"
)
View Source
const (
	// ThreatIntelIndicatorCategoryBackdoor is a ThreatIntelIndicatorCategory enum value
	ThreatIntelIndicatorCategoryBackdoor = "BACKDOOR"

	// ThreatIntelIndicatorCategoryCardStealer is a ThreatIntelIndicatorCategory enum value
	ThreatIntelIndicatorCategoryCardStealer = "CARD_STEALER"

	// ThreatIntelIndicatorCategoryCommandAndControl is a ThreatIntelIndicatorCategory enum value
	ThreatIntelIndicatorCategoryCommandAndControl = "COMMAND_AND_CONTROL"

	// ThreatIntelIndicatorCategoryDropSite is a ThreatIntelIndicatorCategory enum value
	ThreatIntelIndicatorCategoryDropSite = "DROP_SITE"

	// ThreatIntelIndicatorCategoryExploitSite is a ThreatIntelIndicatorCategory enum value
	ThreatIntelIndicatorCategoryExploitSite = "EXPLOIT_SITE"

	// ThreatIntelIndicatorCategoryKeylogger is a ThreatIntelIndicatorCategory enum value
	ThreatIntelIndicatorCategoryKeylogger = "KEYLOGGER"
)
View Source
const (
	// ThreatIntelIndicatorTypeDomain is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeDomain = "DOMAIN"

	// ThreatIntelIndicatorTypeEmailAddress is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeEmailAddress = "EMAIL_ADDRESS"

	// ThreatIntelIndicatorTypeHashMd5 is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeHashMd5 = "HASH_MD5"

	// ThreatIntelIndicatorTypeHashSha1 is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeHashSha1 = "HASH_SHA1"

	// ThreatIntelIndicatorTypeHashSha256 is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeHashSha256 = "HASH_SHA256"

	// ThreatIntelIndicatorTypeHashSha512 is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeHashSha512 = "HASH_SHA512"

	// ThreatIntelIndicatorTypeIpv4Address is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeIpv4Address = "IPV4_ADDRESS"

	// ThreatIntelIndicatorTypeIpv6Address is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeIpv6Address = "IPV6_ADDRESS"

	// ThreatIntelIndicatorTypeMutex is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeMutex = "MUTEX"

	// ThreatIntelIndicatorTypeProcess is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeProcess = "PROCESS"

	// ThreatIntelIndicatorTypeUrl is a ThreatIntelIndicatorType enum value
	ThreatIntelIndicatorTypeUrl = "URL"
)
View Source
const (
	// VerificationStateUnknown is a VerificationState enum value
	VerificationStateUnknown = "UNKNOWN"

	// VerificationStateTruePositive is a VerificationState enum value
	VerificationStateTruePositive = "TRUE_POSITIVE"

	// VerificationStateFalsePositive is a VerificationState enum value
	VerificationStateFalsePositive = "FALSE_POSITIVE"

	// VerificationStateBenignPositive is a VerificationState enum value
	VerificationStateBenignPositive = "BENIGN_POSITIVE"
)
View Source
const (
	// WorkflowStateNew is a WorkflowState enum value
	WorkflowStateNew = "NEW"

	// WorkflowStateAssigned is a WorkflowState enum value
	WorkflowStateAssigned = "ASSIGNED"

	// WorkflowStateInProgress is a WorkflowState enum value
	WorkflowStateInProgress = "IN_PROGRESS"

	// WorkflowStateDeferred is a WorkflowState enum value
	WorkflowStateDeferred = "DEFERRED"

	// WorkflowStateResolved is a WorkflowState enum value
	WorkflowStateResolved = "RESOLVED"
)
View Source
const (
	// WorkflowStatusNew is a WorkflowStatus enum value
	WorkflowStatusNew = "NEW"

	// WorkflowStatusNotified is a WorkflowStatus enum value
	WorkflowStatusNotified = "NOTIFIED"

	// WorkflowStatusResolved is a WorkflowStatus enum value
	WorkflowStatusResolved = "RESOLVED"

	// WorkflowStatusSuppressed is a WorkflowStatus enum value
	WorkflowStatusSuppressed = "SUPPRESSED"
)
View Source
const (

	// ErrCodeAccessDeniedException for service response error code
	// "AccessDeniedException".
	//
	// You don't have permission to perform the action specified in the request.
	ErrCodeAccessDeniedException = "AccessDeniedException"

	// ErrCodeInternalException for service response error code
	// "InternalException".
	//
	// Internal server error.
	ErrCodeInternalException = "InternalException"

	// ErrCodeInvalidAccessException for service response error code
	// "InvalidAccessException".
	//
	// AWS Security Hub isn't enabled for the account used to make this request.
	ErrCodeInvalidAccessException = "InvalidAccessException"

	// ErrCodeInvalidInputException for service response error code
	// "InvalidInputException".
	//
	// The request was rejected because you supplied an invalid or out-of-range
	// value for an input parameter.
	ErrCodeInvalidInputException = "InvalidInputException"

	// ErrCodeLimitExceededException for service response error code
	// "LimitExceededException".
	//
	// The request was rejected because it attempted to create resources beyond
	// the current AWS account limits. The error code describes the limit exceeded.
	ErrCodeLimitExceededException = "LimitExceededException"

	// ErrCodeResourceConflictException for service response error code
	// "ResourceConflictException".
	//
	// The resource specified in the request conflicts with an existing resource.
	ErrCodeResourceConflictException = "ResourceConflictException"

	// ErrCodeResourceNotFoundException for service response error code
	// "ResourceNotFoundException".
	//
	// The request was rejected because we can't find the specified resource.
	ErrCodeResourceNotFoundException = "ResourceNotFoundException"
)
View Source
const (
	ServiceName = "SecurityHub" // Name of service.
	EndpointsID = "securityhub" // ID to lookup a service endpoint with.
	ServiceID   = "SecurityHub" // ServiceID is a unique identifier of a specific service.
)

Service information constants

View Source
const (
	// DateRangeUnitDays is a DateRangeUnit enum value
	DateRangeUnitDays = "DAYS"
)
View Source
const (
	// MapFilterComparisonEquals is a MapFilterComparison enum value
	MapFilterComparisonEquals = "EQUALS"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AcceptInvitationInput

type AcceptInvitationInput struct {

	// The ID of the invitation sent from the Security Hub master account.
	//
	// InvitationId is a required field
	InvitationId *string `type:"string" required:"true"`

	// The account ID of the Security Hub master account that sent the invitation.
	//
	// MasterId is a required field
	MasterId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AcceptInvitationInput) GoString

func (s AcceptInvitationInput) GoString() string

GoString returns the string representation

func (*AcceptInvitationInput) SetInvitationId

func (s *AcceptInvitationInput) SetInvitationId(v string) *AcceptInvitationInput

SetInvitationId sets the InvitationId field's value.

func (*AcceptInvitationInput) SetMasterId

SetMasterId sets the MasterId field's value.

func (AcceptInvitationInput) String

func (s AcceptInvitationInput) String() string

String returns the string representation

func (*AcceptInvitationInput) Validate

func (s *AcceptInvitationInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AcceptInvitationOutput

type AcceptInvitationOutput struct {
	// contains filtered or unexported fields
}

func (AcceptInvitationOutput) GoString

func (s AcceptInvitationOutput) GoString() string

GoString returns the string representation

func (AcceptInvitationOutput) String

func (s AcceptInvitationOutput) String() string

String returns the string representation

type AccessDeniedException

type AccessDeniedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Code_ *string `locationName:"Code" type:"string"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

You don't have permission to perform the action specified in the request.

func (*AccessDeniedException) Code

func (s *AccessDeniedException) Code() string

Code returns the exception type name.

func (*AccessDeniedException) Error

func (s *AccessDeniedException) Error() string

func (AccessDeniedException) GoString

func (s AccessDeniedException) GoString() string

GoString returns the string representation

func (*AccessDeniedException) Message

func (s *AccessDeniedException) Message() string

Message returns the exception's message.

func (*AccessDeniedException) OrigErr

func (s *AccessDeniedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccessDeniedException) RequestID

func (s *AccessDeniedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccessDeniedException) StatusCode

func (s *AccessDeniedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccessDeniedException) String

func (s AccessDeniedException) String() string

String returns the string representation

type AccountDetails

type AccountDetails struct {

	// The ID of an AWS account.
	AccountId *string `type:"string"`

	// The email of an AWS account.
	Email *string `type:"string"`
	// contains filtered or unexported fields
}

The details of an AWS account.

func (AccountDetails) GoString

func (s AccountDetails) GoString() string

GoString returns the string representation

func (*AccountDetails) SetAccountId

func (s *AccountDetails) SetAccountId(v string) *AccountDetails

SetAccountId sets the AccountId field's value.

func (*AccountDetails) SetEmail

func (s *AccountDetails) SetEmail(v string) *AccountDetails

SetEmail sets the Email field's value.

func (AccountDetails) String

func (s AccountDetails) String() string

String returns the string representation

type ActionTarget

type ActionTarget struct {

	// The ARN for the target action.
	//
	// ActionTargetArn is a required field
	ActionTargetArn *string `type:"string" required:"true"`

	// The description of the target action.
	//
	// Description is a required field
	Description *string `type:"string" required:"true"`

	// The name of the action target.
	//
	// Name is a required field
	Name *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

An ActionTarget object.

func (ActionTarget) GoString

func (s ActionTarget) GoString() string

GoString returns the string representation

func (*ActionTarget) SetActionTargetArn

func (s *ActionTarget) SetActionTargetArn(v string) *ActionTarget

SetActionTargetArn sets the ActionTargetArn field's value.

func (*ActionTarget) SetDescription

func (s *ActionTarget) SetDescription(v string) *ActionTarget

SetDescription sets the Description field's value.

func (*ActionTarget) SetName

func (s *ActionTarget) SetName(v string) *ActionTarget

SetName sets the Name field's value.

func (ActionTarget) String

func (s ActionTarget) String() string

String returns the string representation

type AvailabilityZone

type AvailabilityZone struct {

	// The ID of the subnet. You can specify one subnet per Availability Zone.
	SubnetId *string `type:"string"`

	// The name of the Availability Zone.
	ZoneName *string `type:"string"`
	// contains filtered or unexported fields
}

Information about an Availability Zone.

func (AvailabilityZone) GoString

func (s AvailabilityZone) GoString() string

GoString returns the string representation

func (*AvailabilityZone) SetSubnetId

func (s *AvailabilityZone) SetSubnetId(v string) *AvailabilityZone

SetSubnetId sets the SubnetId field's value.

func (*AvailabilityZone) SetZoneName

func (s *AvailabilityZone) SetZoneName(v string) *AvailabilityZone

SetZoneName sets the ZoneName field's value.

func (AvailabilityZone) String

func (s AvailabilityZone) String() string

String returns the string representation

type AwsAutoScalingAutoScalingGroupDetails

type AwsAutoScalingAutoScalingGroupDetails struct {

	// The datetime when the auto scaling group was created.
	CreatedTime *string `type:"string"`

	// The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before
	// it checks the health status of an EC2 instance that has come into service.
	HealthCheckGracePeriod *int64 `type:"integer"`

	// The service to use for the health checks.
	HealthCheckType *string `type:"string"`

	// The name of the launch configuration.
	LaunchConfigurationName *string `type:"string"`

	// The list of load balancers associated with the group.
	LoadBalancerNames []*string `type:"list"`
	// contains filtered or unexported fields
}

Provides details about an auto scaling group.

func (AwsAutoScalingAutoScalingGroupDetails) GoString

GoString returns the string representation

func (*AwsAutoScalingAutoScalingGroupDetails) SetCreatedTime

SetCreatedTime sets the CreatedTime field's value.

func (*AwsAutoScalingAutoScalingGroupDetails) SetHealthCheckGracePeriod

SetHealthCheckGracePeriod sets the HealthCheckGracePeriod field's value.

func (*AwsAutoScalingAutoScalingGroupDetails) SetHealthCheckType

SetHealthCheckType sets the HealthCheckType field's value.

func (*AwsAutoScalingAutoScalingGroupDetails) SetLaunchConfigurationName

SetLaunchConfigurationName sets the LaunchConfigurationName field's value.

func (*AwsAutoScalingAutoScalingGroupDetails) SetLoadBalancerNames

SetLoadBalancerNames sets the LoadBalancerNames field's value.

func (AwsAutoScalingAutoScalingGroupDetails) String

String returns the string representation

type AwsCloudFrontDistributionDetails

type AwsCloudFrontDistributionDetails struct {

	// The domain name corresponding to the distribution.
	DomainName *string `type:"string"`

	// The entity tag is a hash of the object.
	ETag *string `type:"string"`

	// The date and time that the distribution was last modified.
	LastModifiedTime *string `type:"string"`

	// A complex type that controls whether access logs are written for the distribution.
	Logging *AwsCloudFrontDistributionLogging `type:"structure"`

	// A complex type that contains information about origins for this distribution.
	Origins *AwsCloudFrontDistributionOrigins `type:"structure"`

	// Indicates the current status of the distribution.
	Status *string `type:"string"`

	// A unique identifier that specifies the AWS WAF web ACL, if any, to associate
	// with this distribution.
	WebAclId *string `type:"string"`
	// contains filtered or unexported fields
}

A distribution configuration.

func (AwsCloudFrontDistributionDetails) GoString

GoString returns the string representation

func (*AwsCloudFrontDistributionDetails) SetDomainName

SetDomainName sets the DomainName field's value.

func (*AwsCloudFrontDistributionDetails) SetETag