SecurityHub / Client / list_automation_rules
list_automation_rules#
- SecurityHub.Client.list_automation_rules(**kwargs)#
A list of automation rules and their metadata for the calling account.
See also: AWS API Documentation
Request Syntax
response = client.list_automation_rules( NextToken='string', MaxResults=123 )
- Parameters:
NextToken (string) – A token to specify where to start paginating the response. This is the
NextToken
from a previously truncated response. On your first call to theListAutomationRules
API, set the value of this parameter toNULL
.MaxResults (integer) – The maximum number of rules to return in the response. This currently ranges from 1 to 100.
- Return type:
dict
- Returns:
Response Syntax
{ 'AutomationRulesMetadata': [ { 'RuleArn': 'string', 'RuleStatus': 'ENABLED'|'DISABLED', 'RuleOrder': 123, 'RuleName': 'string', 'Description': 'string', 'IsTerminal': True|False, 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1), 'CreatedBy': 'string' }, ], 'NextToken': 'string' }
Response Structure
(dict) –
AutomationRulesMetadata (list) –
Metadata for rules in the calling account. The response includes rules with a
RuleStatus
ofENABLED
andDISABLED
.(dict) –
Metadata for automation rules in the calling account. The response includes rules with a
RuleStatus
ofENABLED
andDISABLED
.RuleArn (string) –
The Amazon Resource Name (ARN) for the rule.
RuleStatus (string) –
Whether the rule is active after it is created. If this parameter is equal to
ENABLED
, Security Hub starts applying the rule to findings and finding updates after the rule is created. To change the value of this parameter after creating a rule, use BatchUpdateAutomationRules.RuleOrder (integer) –
An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
RuleName (string) –
The name of the rule.
Description (string) –
A description of the rule.
IsTerminal (boolean) –
Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn’t evaluate other rules for the finding. By default, a rule isn’t terminal.
CreatedAt (datetime) –
A timestamp that indicates when the rule was created.
This field accepts only the specified formats. Timestamps can end with
Z
or("+" / "-") time-hour [":" time-minute]
. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:YYYY-MM-DDTHH:MM:SSZ
(for example,2019-01-31T23:00:00Z
)YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ
(for example,2019-01-31T23:00:00.123456789Z
)YYYY-MM-DDTHH:MM:SS+HH:MM
(for example,2024-01-04T15:25:10+17:59
)YYYY-MM-DDTHH:MM:SS-HHMM
(for example,2024-01-04T15:25:10-1759
)YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM
(for example,2024-01-04T15:25:10.123456789+17:59
)
UpdatedAt (datetime) –
A timestamp that indicates when the rule was most recently updated.
This field accepts only the specified formats. Timestamps can end with
Z
or("+" / "-") time-hour [":" time-minute]
. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:YYYY-MM-DDTHH:MM:SSZ
(for example,2019-01-31T23:00:00Z
)YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ
(for example,2019-01-31T23:00:00.123456789Z
)YYYY-MM-DDTHH:MM:SS+HH:MM
(for example,2024-01-04T15:25:10+17:59
)YYYY-MM-DDTHH:MM:SS-HHMM
(for example,2024-01-04T15:25:10-1759
)YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM
(for example,2024-01-04T15:25:10.123456789+17:59
)
CreatedBy (string) –
The principal that created a rule.
NextToken (string) –
A pagination token for the response.
Exceptions