SecurityHub / Paginator / ListSecurityControlDefinitions

ListSecurityControlDefinitions#

class SecurityHub.Paginator.ListSecurityControlDefinitions#
paginator = client.get_paginator('list_security_control_definitions')
paginate(**kwargs)#

Creates an iterator that will paginate through responses from SecurityHub.Client.list_security_control_definitions().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    StandardsArn='string',
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters:
  • StandardsArn (string) – The Amazon Resource Name (ARN) of the standard that you want to view controls for.

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'SecurityControlDefinitions': [
        {
            'SecurityControlId': 'string',
            'Title': 'string',
            'Description': 'string',
            'RemediationUrl': 'string',
            'SeverityRating': 'LOW'|'MEDIUM'|'HIGH'|'CRITICAL',
            'CurrentRegionAvailability': 'AVAILABLE'|'UNAVAILABLE',
            'CustomizableProperties': [
                'Parameters',
            ],
            'ParameterDefinitions': {
                'string': {
                    'Description': 'string',
                    'ConfigurationOptions': {
                        'Integer': {
                            'DefaultValue': 123,
                            'Min': 123,
                            'Max': 123
                        },
                        'IntegerList': {
                            'DefaultValue': [
                                123,
                            ],
                            'Min': 123,
                            'Max': 123,
                            'MaxItems': 123
                        },
                        'Double': {
                            'DefaultValue': 123.0,
                            'Min': 123.0,
                            'Max': 123.0
                        },
                        'String': {
                            'DefaultValue': 'string',
                            'Re2Expression': 'string',
                            'ExpressionDescription': 'string'
                        },
                        'StringList': {
                            'DefaultValue': [
                                'string',
                            ],
                            'Re2Expression': 'string',
                            'MaxItems': 123,
                            'ExpressionDescription': 'string'
                        },
                        'Boolean': {
                            'DefaultValue': True|False
                        },
                        'Enum': {
                            'DefaultValue': 'string',
                            'AllowedValues': [
                                'string',
                            ]
                        },
                        'EnumList': {
                            'DefaultValue': [
                                'string',
                            ],
                            'MaxItems': 123,
                            'AllowedValues': [
                                'string',
                            ]
                        }
                    }
                }
            }
        },
    ],

}

Response Structure

  • (dict) –

    • SecurityControlDefinitions (list) –

      An array of controls that apply to the specified standard.

      • (dict) –

        Provides metadata for a security control, including its unique standard-agnostic identifier, title, description, severity, availability in Amazon Web Services Regions, and a link to remediation steps.

        • SecurityControlId (string) –

          The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Services service name and a number (for example, APIGateway.3). This parameter differs from SecurityControlArn, which is a unique Amazon Resource Name (ARN) assigned to a control. The ARN references the security control ID (for example, arn:aws:securityhub:eu-central-1:123456789012:security-control/APIGateway.3).

        • Title (string) –

          The title of a security control.

        • Description (string) –

          The description of a security control across standards. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter doesn’t reference a specific standard.

        • RemediationUrl (string) –

          A link to Security Hub documentation that explains how to remediate a failed finding for a security control.

        • SeverityRating (string) –

          The severity of a security control. For more information about how Security Hub determines control severity, see Assigning severity to control findings in the Security Hub User Guide.

        • CurrentRegionAvailability (string) –

          Specifies whether a security control is available in the current Amazon Web Services Region.

        • CustomizableProperties (list) –

          Security control properties that you can customize. Currently, only parameter customization is supported for select controls. An empty array is returned for controls that don’t support custom properties.

          • (string) –

        • ParameterDefinitions (dict) –

          An object that provides a security control parameter name, description, and the options for customizing it. This object is excluded for a control that doesn’t support custom parameters.

          • (string) –

            • (dict) –

              An object that describes a security control parameter and the options for customizing it.

              • Description (string) –

                Description of a control parameter.

              • ConfigurationOptions (dict) –

                The options for customizing a control parameter. Customization options vary based on the data type of the parameter.

                Note

                This is a Tagged Union structure. Only one of the following top level keys will be set: Integer, IntegerList, Double, String, StringList, Boolean, Enum, EnumList. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

                'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
                
                • Integer (dict) –

                  The options for customizing a security control parameter that is an integer.

                  • DefaultValue (integer) –

                    The Security Hub default value for a control parameter that is an integer.

                  • Min (integer) –

                    The minimum valid value for a control parameter that is an integer.

                  • Max (integer) –

                    The maximum valid value for a control parameter that is an integer.

                • IntegerList (dict) –

                  The options for customizing a security control parameter that is a list of integers.

                  • DefaultValue (list) –

                    The Security Hub default value for a control parameter that is a list of integers.

                    • (integer) –

                  • Min (integer) –

                    The minimum valid value for a control parameter that is a list of integers.

                  • Max (integer) –

                    The maximum valid value for a control parameter that is a list of integers.

                  • MaxItems (integer) –

                    The maximum number of list items that an interger list control parameter can accept.

                • Double (dict) –

                  The options for customizing a security control parameter that is a double.

                  • DefaultValue (float) –

                    The Security Hub default value for a control parameter that is a double.

                  • Min (float) –

                    The minimum valid value for a control parameter that is a double.

                  • Max (float) –

                    The maximum valid value for a control parameter that is a double.

                • String (dict) –

                  The options for customizing a security control parameter that is a string data type.

                  • DefaultValue (string) –

                    The Security Hub default value for a control parameter that is a string.

                  • Re2Expression (string) –

                    An RE2 regular expression that Security Hub uses to validate a user-provided control parameter string.

                  • ExpressionDescription (string) –

                    The description of the RE2 regular expression.

                • StringList (dict) –

                  The options for customizing a security control parameter that is a list of strings.

                  • DefaultValue (list) –

                    The Security Hub default value for a control parameter that is a list of strings.

                    • (string) –

                  • Re2Expression (string) –

                    An RE2 regular expression that Security Hub uses to validate a user-provided list of strings for a control parameter.

                  • MaxItems (integer) –

                    The maximum number of list items that a string list control parameter can accept.

                  • ExpressionDescription (string) –

                    The description of the RE2 regular expression.

                • Boolean (dict) –

                  The options for customizing a security control parameter that is a boolean. For a boolean parameter, the options are true and false.

                  • DefaultValue (boolean) –

                    The Security Hub default value for a boolean parameter.

                • Enum (dict) –

                  The options for customizing a security control parameter that is an enum.

                  • DefaultValue (string) –

                    The Security Hub default value for a control parameter that is an enum.

                  • AllowedValues (list) –

                    The valid values for a control parameter that is an enum.

                    • (string) –

                • EnumList (dict) –

                  The options for customizing a security control parameter that is a list of enums.

                  • DefaultValue (list) –

                    The Security Hub default value for a control parameter that is a list of enums.

                    • (string) –

                  • MaxItems (integer) –

                    The maximum number of list items that an enum list control parameter can accept.

                  • AllowedValues (list) –

                    The valid values for a control parameter that is a list of enums.

                    • (string) –