SecurityHub / Client / list_automation_rules

list_automation_rules#

SecurityHub.Client.list_automation_rules(**kwargs)#

A list of automation rules and their metadata for the calling account.

See also: AWS API Documentation

Request Syntax

response = client.list_automation_rules(
    NextToken='string',
    MaxResults=123
)
Parameters:
  • NextToken (string) – A token to specify where to start paginating the response. This is the NextToken from a previously truncated response. On your first call to the ListAutomationRules API, set the value of this parameter to NULL.

  • MaxResults (integer) – The maximum number of rules to return in the response. This currently ranges from 1 to 100.

Return type:

dict

Returns:

Response Syntax

{
    'AutomationRulesMetadata': [
        {
            'RuleArn': 'string',
            'RuleStatus': 'ENABLED'|'DISABLED',
            'RuleOrder': 123,
            'RuleName': 'string',
            'Description': 'string',
            'IsTerminal': True|False,
            'CreatedAt': datetime(2015, 1, 1),
            'UpdatedAt': datetime(2015, 1, 1),
            'CreatedBy': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) –

    • AutomationRulesMetadata (list) –

      Metadata for rules in the calling account. The response includes rules with a RuleStatus of ENABLED and DISABLED.

      • (dict) –

        Metadata for automation rules in the calling account. The response includes rules with a RuleStatus of ENABLED and DISABLED.

        • RuleArn (string) –

          The Amazon Resource Name (ARN) for the rule.

        • RuleStatus (string) –

          Whether the rule is active after it is created. If this parameter is equal to ENABLED, Security Hub starts applying the rule to findings and finding updates after the rule is created. To change the value of this parameter after creating a rule, use BatchUpdateAutomationRules.

        • RuleOrder (integer) –

          An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.

        • RuleName (string) –

          The name of the rule.

        • Description (string) –

          A description of the rule.

        • IsTerminal (boolean) –

          Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn’t evaluate other rules for the finding. By default, a rule isn’t terminal.

        • CreatedAt (datetime) –

          A timestamp that indicates when the rule was created.

          This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

          • YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

          • YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

          • YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

          • YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

          • YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

        • UpdatedAt (datetime) –

          A timestamp that indicates when the rule was most recently updated.

          This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

          • YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

          • YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

          • YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

          • YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

          • YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

        • CreatedBy (string) –

          The principal that created a rule.

    • NextToken (string) –

      A pagination token for the response.

Exceptions