AWS SecurityHub Skill
amazonaws-com-securityhub
Endpoints
| Method | Path | Description |
|---|---|---|
POST | /administrator | |
POST | /master | Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the invitation was sent from. This operation is only used by member a... |
POST | /automationrules/delete | This method is deprecated. Instead, use AcceptAdministratorInvitation. The Security Hub console continues to use AcceptInvitation. It will eventually change to use AcceptAdministr... |
POST | /standards/deregister | Deletes one or more automation rules. |
POST | /standards/register | Disables the standards specified by the provided StandardsSubscriptionArns. For more information, see Security Standards section of the Security Hub User Guide. |
POST | /automationrules/get | Enables the standards specified by the provided StandardsArn. To obtain the ARN for a standard, use the DescribeStandards operation. For more information, see the Security Standar... |
POST | /configurationPolicyAssociation/batchget | Retrieves a list of details for automation rules based on rule Amazon Resource Names (ARNs). |
POST | /securityControls/batchGet | Returns associations between an Security Hub configuration and a batch of target accounts, organizational units, or the root. Only the Security Hub delegated administrator can inv... |
POST | /associations/batchGet | Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web Services Region. |
POST | /findings/import | For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard. |
PATCH | /automationrules/update | Imports security findings generated by a finding provider into Security Hub. This action is requested by the finding provider to import its findings into Security Hub. BatchImport... |
PATCH | /findings/batchupdate | Updates one or more automation rules based on rule Amazon Resource Names (ARNs) and input parameters. |
PATCH | /associations | Used by Security Hub customers to update information about their investigation into a finding. Requested by administrator accounts or member accounts. Administrator accounts can u... |
POST | /actionTargets | For a batch of security controls and standards, this operation updates the enablement status of a control in a standard. |
POST | /automationrules/create | Creates a custom action target in Security Hub. You can use custom actions on findings and insights in Security Hub to trigger target actions in Amazon CloudWatch Events. |
POST | /configurationPolicy/create | Creates an automation rule based on input parameters. |
POST | /findingAggregator/create | Creates a configuration policy with the defined configuration. Only the Security Hub delegated administrator can invoke this operation from the home Region. |
POST | /insights | Used to enable finding aggregation. Must be called from the aggregation Region. For more details about cross-Region replication, see Configuring finding aggregation in the Securit... |
POST | /members | Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation. To group the related fi... |
POST | /invitations/decline | Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the administrator account. If you are integrated wit... |
DELETE | /actionTargets/{ActionTargetArn+} | Declines invitations to become a member account. A prospective member account uses this operation to decline an invitation to become a member. This operation is only called by mem... |
DELETE | /configurationPolicy/{Identifier} | Deletes a custom action target from Security Hub. Deleting a custom action target does not affect any findings or insights that were already sent to Amazon CloudWatch Events using... |
DELETE | /findingAggregator/delete/{FindingAggregatorArn+} | Deletes a configuration policy. Only the Security Hub delegated administrator can invoke this operation from the home Region. For the deletion to succeed, you must first disassoci... |
DELETE | /insights/{InsightArn+} | Deletes a finding aggregator. When you delete the finding aggregator, you stop finding aggregation. When you stop finding aggregation, findings that were already aggregated to the... |
POST | /invitations/delete | Deletes the insight specified by the InsightArn. |
POST | /members/delete | Deletes invitations received by the Amazon Web Services account to become a member account. A Security Hub administrator account can use this operation to delete invitations sent... |
POST | /actionTargets/get | Deletes the specified member accounts from Security Hub. You can invoke this API only to delete accounts that became members through invitation. You can't invoke this API to delet... |
GET | /accounts | Returns a list of the custom action targets in Security Hub in your account. |
GET | /organization/configuration | Returns details about the Hub resource in your account, including the HubArn and the time when you enabled Security Hub. |
GET | /products | Returns information about the way your organization is configured in Security Hub. Only the Security Hub administrator account can invoke this operation. |
Install as Skill
Use this API as a Claude Code skill for instant agent access.
CLI Install
lapsh skill-install amazonaws-com-securityhub
Downloads and installs to ~/.claude/skills/amazonaws-com-securityhub/
Recent Versions (1)
2018-10-26(2026-02-13)