@aws-sdk/client-securityhub
Advanced tools
AWS SDK for JavaScript Securityhub Client for Node.js, Browser and React Native
AWS SDK for JavaScript SecurityHub Client for Node.js, Browser and React Native.
Security Hub CSPM provides you with a comprehensive view of your security state in Amazon Web Services and helps you assess your Amazon Web Services environment against security industry standards and best practices.
Security Hub CSPM collects security data across Amazon Web Services accounts, Amazon Web Services services, and supported third-party products and helps you analyze your security trends and identify the highest priority security issues.
To help you manage the security state of your organization, Security Hub CSPM supports multiple security standards. These include the Amazon Web Services Foundational Security Best Practices (FSBP) standard developed by Amazon Web Services, and external compliance frameworks such as the Center for Internet Security (CIS), the Payment Card Industry Data Security Standard (PCI DSS), and the National Institute of Standards and Technology (NIST). Each standard includes several security controls, each of which represents a security best practice. Security Hub CSPM runs checks against security controls and generates control findings to help you assess your compliance against security best practices.
In addition to generating control findings, Security Hub CSPM also receives findings from other Amazon Web Services services, such as Amazon GuardDuty and Amazon Inspector, and supported third-party products. This gives you a single pane of glass into a variety of security-related issues. You can also send Security Hub CSPM findings to other Amazon Web Services services and supported third-party products.
Security Hub CSPM offers automation features that help you triage and remediate security issues. For example, you can use automation rules to automatically update critical findings when a security check fails. You can also leverage the integration with Amazon EventBridge to trigger automatic responses to specific findings.
This guide, the Security Hub CSPM API Reference, provides information about the Security Hub CSPM API. This includes supported resources, HTTP methods, parameters, and schemas. If you're new to Security Hub CSPM, you might find it helpful to also review the Security Hub CSPM User Guide . The user guide explains key concepts and provides procedures that demonstrate how to use Security Hub CSPM features. It also provides information about topics such as integrating Security Hub CSPM with other Amazon Web Services services.
In addition to interacting with Security Hub CSPM by making calls to the Security Hub CSPM API, you can use a current version of an Amazon Web Services command line tool or SDK. Amazon Web Services provides tools and SDKs that consist of libraries and sample code for various languages and platforms, such as PowerShell, Java, Go, Python, C++, and .NET. These tools and SDKs provide convenient, programmatic access to Security Hub CSPM and other Amazon Web Services services . They also handle tasks such as signing requests, managing errors, and retrying requests automatically. For information about installing and using the Amazon Web Services tools and SDKs, see Tools to Build on Amazon Web Services.
With the exception of operations that are related to central configuration, Security Hub CSPM API requests are executed only in the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change that results from the operation is applied only to that Region. To make the same change in other Regions, call the same API operation in each Region in which you want to apply the change. When you use central configuration, API requests for enabling Security Hub CSPM, standards, and controls are executed in the home Region and all linked Regions. For a list of central configuration operations, see the Central configuration terms and concepts section of the Security Hub CSPM User Guide.
The following throttling limits apply to Security Hub CSPM API operations.
BatchEnableStandards - RateLimit of 1 request per
second. BurstLimit of 1 request per second.
GetFindings - RateLimit of 3 requests per second.
BurstLimit of 6 requests per second.
BatchImportFindings - RateLimit of 10 requests per second.
BurstLimit of 30 requests per second.
BatchUpdateFindings - RateLimit of 10 requests per second.
BurstLimit of 30 requests per second.
UpdateStandardsControl - RateLimit of 1 request per
second. BurstLimit of 5 requests per second.
All other operations - RateLimit of 10 requests per second.
BurstLimit of 30 requests per second.
To install this package, use the CLI of your favorite package manager:
npm install @aws-sdk/client-securityhubyarn add @aws-sdk/client-securityhubpnpm add @aws-sdk/client-securityhubThe AWS SDK is modulized by clients and commands.
To send a request, you only need to import the SecurityHubClient and
the commands you need, for example ListMembersCommand:
// ES5 example
const { SecurityHubClient, ListMembersCommand } = require("@aws-sdk/client-securityhub");
// ES6+ example
import { SecurityHubClient, ListMembersCommand } from "@aws-sdk/client-securityhub";
To send a request:
send operation on the client, providing the command object as input.const client = new SecurityHubClient({ region: "REGION" });
const params = { /** input parameters */ };
const command = new ListMembersCommand(params);
We recommend using the await operator to wait for the promise returned by send operation as follows:
// async/await.
try {
const data = await client.send(command);
// process data.
} catch (error) {
// error handling.
} finally {
// finally.
}
You can also use Promise chaining.
client
.send(command)
.then((data) => {
// process data.
})
.catch((error) => {
// error handling.
})
.finally(() => {
// finally.
});
The aggregated client class is exported from the same package, but without the "Client" suffix.
SecurityHub extends SecurityHubClient and additionally supports all operations, waiters, and paginators as methods.
This style may be familiar to you from the AWS SDK for JavaScript v2.
If you are bundling the AWS SDK, we recommend using only the bare-bones client (SecurityHubClient).
More details are in the blog post on
modular packages in AWS SDK for JavaScript.
import { SecurityHub } from "@aws-sdk/client-securityhub";
const client = new SecurityHub({ region: "REGION" });
// async/await.
try {
const data = await client.listMembers(params);
// process data.
} catch (error) {
// error handling.
}
// Promises.
client
.listMembers(params)
.then((data) => {
// process data.
})
.catch((error) => {
// error handling.
});
// callbacks (not recommended).
client.listMembers(params, (err, data) => {
// process err and data.
});
When the service returns an exception, the error will include the exception information, as well as response metadata (e.g. request id).
try {
const data = await client.send(command);
// process data.
} catch (error) {
const { requestId, cfId, extendedRequestId } = error.$metadata;
console.log({ requestId, cfId, extendedRequestId });
/**
* The keys within exceptions are also parsed.
* You can access them by specifying exception names:
* if (error.name === 'SomeServiceException') {
* const value = error.specialKeyInException;
* }
*/
}
See also docs/ERROR_HANDLING.
Please use these community resources for getting help. We use GitHub issues for tracking bugs and feature requests, but have limited bandwidth to address them.
aws-sdk-js
on AWS Developer Blog.aws-sdk-js.To test your universal JavaScript code in Node.js, browser and react-native environments, visit our code samples repo.
This client code is generated automatically. Any modifications will be overwritten the next time the @aws-sdk/client-securityhub package is updated.
To contribute to client you can check our generate clients scripts.
This SDK is distributed under the Apache License, Version 2.0, see LICENSE for more information.
FAQs
AWS SDK for JavaScript Securityhub Client for Node.js, Browser and React Native
The npm package @aws-sdk/client-securityhub receives a total of 109,640 weekly downloads. As such, @aws-sdk/client-securityhub popularity was classified as popular.
We found that @aws-sdk/client-securityhub demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket found a malicious Intercom PHP package on Packagist using Composer plugin execution to steal credentials and spread across ecosystems.
Research
/Security News
Compromised intercom-client@7.0.4 npm package is tied to the ongoing Mini Shai-Hulud worm attack targeting developer and CI/CD secrets.
Research
Socket detected a malicious supply chain attack on PyPI package lightning versions 2.6.2 and 2.6.3, which execute credential-stealing malware on import.