SecurityHub / Client / list_automation_rules
list_automation_rules#
- SecurityHub.Client.list_automation_rules(**kwargs)#
A list of automation rules and their metadata for the calling account.
See also: AWS API Documentation
Request Syntax
response = client.list_automation_rules( NextToken='string', MaxResults=123 )
- Parameters:
NextToken (string) – A token to specify where to start paginating the response. This is the
NextToken
from a previously truncated response. On your first call to theListAutomationRules
API, set the value of this parameter toNULL
.MaxResults (integer) – The maximum number of rules to return in the response. This currently ranges from 1 to 100.
- Return type:
dict
- Returns:
Response Syntax
{ 'AutomationRulesMetadata': [ { 'RuleArn': 'string', 'RuleStatus': 'ENABLED'|'DISABLED', 'RuleOrder': 123, 'RuleName': 'string', 'Description': 'string', 'IsTerminal': True|False, 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1), 'CreatedBy': 'string' }, ], 'NextToken': 'string' }
Response Structure
(dict) –
AutomationRulesMetadata (list) –
Metadata for rules in the calling account. The response includes rules with a
RuleStatus
ofENABLED
andDISABLED
.(dict) –
Metadata for automation rules in the calling account. The response includes rules with a
RuleStatus
ofENABLED
andDISABLED
.RuleArn (string) –
The Amazon Resource Name (ARN) for the rule.
RuleStatus (string) –
Whether the rule is active after it is created. If this parameter is equal to
ENABLED
, Security Hub starts applying the rule to findings and finding updates after the rule is created. To change the value of this parameter after creating a rule, use BatchUpdateAutomationRules.RuleOrder (integer) –
An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
RuleName (string) –
The name of the rule.
Description (string) –
A description of the rule.
IsTerminal (boolean) –
Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn’t evaluate other rules for the finding. By default, a rule isn’t terminal.
CreatedAt (datetime) –
A timestamp that indicates when the rule was created.
Uses the
date-time
format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example,2020-03-22T13:22:13.933Z
.UpdatedAt (datetime) –
A timestamp that indicates when the rule was most recently updated.
Uses the
date-time
format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example,2020-03-22T13:22:13.933Z
.CreatedBy (string) –
The principal that created a rule.
NextToken (string) –
A pagination token for the response.
Exceptions
SecurityHub.Client.exceptions.AccessDeniedException
SecurityHub.Client.exceptions.InternalException
SecurityHub.Client.exceptions.InvalidAccessException
SecurityHub.Client.exceptions.InvalidInputException
SecurityHub.Client.exceptions.LimitExceededException