SecurityHub / Client / batch_get_security_controls
batch_get_security_controls#
- SecurityHub.Client.batch_get_security_controls(**kwargs)#
Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web Services Region.
See also: AWS API Documentation
Request Syntax
response = client.batch_get_security_controls( SecurityControlIds=[ 'string', ] )
- Parameters:
SecurityControlIds (list) –
[REQUIRED]
A list of security controls (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters). The security control ID or Amazon Resource Name (ARN) is the same across standards.(string) –
- Return type:
dict
- Returns:
Response Syntax
{ 'SecurityControls': [ { 'SecurityControlId': 'string', 'SecurityControlArn': 'string', 'Title': 'string', 'Description': 'string', 'RemediationUrl': 'string', 'SeverityRating': 'LOW'|'MEDIUM'|'HIGH'|'CRITICAL', 'SecurityControlStatus': 'ENABLED'|'DISABLED' }, ], 'UnprocessedIds': [ { 'SecurityControlId': 'string', 'ErrorCode': 'INVALID_INPUT'|'ACCESS_DENIED'|'NOT_FOUND'|'LIMIT_EXCEEDED', 'ErrorReason': 'string' }, ] }
Response Structure
(dict) –
SecurityControls (list) –
An array that returns the identifier, Amazon Resource Name (ARN), and other details about a security control. The same information is returned whether the request includes
SecurityControlId
orSecurityControlArn
.(dict) –
A security control in Security Hub describes a security best practice related to a specific resource.
SecurityControlId (string) –
The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Service name and a number, such as APIGateway.3.
SecurityControlArn (string) –
The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn’t mention a specific standard.Title (string) –
The title of a security control.
Description (string) –
The description of a security control across standards. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter doesn’t reference a specific standard.
RemediationUrl (string) –
A link to Security Hub documentation that explains how to remediate a failed finding for a security control.
SeverityRating (string) –
The severity of a security control. For more information about how Security Hub determines control severity, see Assigning severity to control findings in the Security Hub User Guide.
SecurityControlStatus (string) –
The enablement status of a security control in a specific standard.
UnprocessedIds (list) –
A security control (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters) for which details cannot be returned.(dict) –
Provides details about a security control for which a response couldn’t be returned.
SecurityControlId (string) –
The control (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters) for which a response couldn’t be returned.ErrorCode (string) –
The error code for the unprocessed security control.
ErrorReason (string) –
The reason why the security control was unprocessed.
Exceptions
SecurityHub.Client.exceptions.InternalException
SecurityHub.Client.exceptions.LimitExceededException
SecurityHub.Client.exceptions.InvalidAccessException
SecurityHub.Client.exceptions.InvalidInputException