404

[ Avaa Bypassed ]




Upload:

Command:

botdev@18.188.190.28: ~ $
**To request the list of controls in an enabled standard**

The following ``describe-standards-controls`` example requests the list of controls in the requestor account's subscription to the PCI DSS standard. The request returns two controls at a time. ::

    aws securityhub describe-standards-controls \
        --standards-subscription-arn "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1" \
        --max-results 2

Output::

    {
        "Controls": [
            {
                "StandardsControlArn": "arn:aws:securityhub:us-west-1:123456789012:control/pci-dss/v/3.2.1/PCI.AutoScaling.1",
                "ControlStatus": "ENABLED",
                "ControlStatusUpdatedAt": "2020-05-15T18:49:04.473000+00:00",
                "ControlId": "PCI.AutoScaling.1",
                "Title": "Auto scaling groups associated with a load balancer should use health checks",
                "Description": "This AWS control checks whether your Auto Scaling groups that are associated with a load balancer are using Elastic Load Balancing health checks.",
                "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/PCI.AutoScaling.1/remediation",
                "SeverityRating": "LOW",
                "RelatedRequirements": [
                    "PCI DSS 2.2"
                ]
            },
            {
                "StandardsControlArn": "arn:aws:securityhub:us-west-1:123456789012:control/pci-dss/v/3.2.1/PCI.CW.1",
                "ControlStatus": "ENABLED",
                "ControlStatusUpdatedAt": "2020-05-15T18:49:04.498000+00:00",
                "ControlId": "PCI.CW.1",
                "Title": "A log metric filter and alarm should exist for usage of the \"root\" user",
                "Description": "This control checks for the CloudWatch metric filters using the following pattern { $.userIdentity.type = \"Root\" && $.userIdentity.invokedBy NOT EXISTS && $.eventType != \"AwsServiceEvent\" } It checks that the log group name is configured for use with active multi-region CloudTrail, that there is at least one Event Selector for a Trail with IncludeManagementEvents set to true and ReadWriteType set to All, and that there is at least one active subscriber to an SNS topic associated with the alarm.",
                "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/PCI.CW.1/remediation",
                "SeverityRating": "MEDIUM",
                "RelatedRequirements": [
                    "PCI DSS 7.2.1"
                ]
            }
        ],
        "NextToken": "U2FsdGVkX1+eNkPoZHVl11ip5HUYQPWSWZGmftcmJiHL8JoKEsCDuaKayiPDyLK+LiTkShveoOdvfxXCkOBaGhohIXhsIedN+LSjQV/l7kfCfJcq4PziNC1N9xe9aq2pjlLVZnznTfSImrodT5bRNHe4fELCQq/z+5ka+5Lzmc11axcwTd5lKgQyQqmUVoeriHZhyIiBgWKf7oNYdBVG8OEortVWvSkoUTt+B2ThcnC7l43kI0UNxlkZ6sc64AsW"
    }

For more information, see `Viewing details for controls <https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-view-controls.html>`__ in the *AWS Security Hub User Guide*.

Filemanager

Name Type Size Permission Actions
accept-administrator-invitation.rst File 573 B 0644
accept-invitation.rst File 552 B 0644
batch-disable-standards.rst File 939 B 0644
batch-enable-standards.rst File 927 B 0644
batch-import-findings.rst File 1.7 KB 0644
batch-update-findings.rst File 3.35 KB 0644
create-action-target.rst File 757 B 0644
create-finding-aggregator.rst File 1.03 KB 0644
create-insight.rst File 827 B 0644
create-members.rst File 558 B 0644
decline-invitations.rst File 583 B 0644
delete-action-target.rst File 680 B 0644
delete-finding-aggregator.rst File 620 B 0644
delete-insight.rst File 653 B 0644
delete-invitations.rst File 578 B 0644
delete-members.rst File 513 B 0644
describe-action-targets.rst File 936 B 0644
describe-hub.rst File 659 B 0644
describe-organization-configuration.rst File 532 B 0644
describe-products.rst File 2.4 KB 0644
describe-standards-controls.rst File 3 KB 0644
describe-standards.rst File 2.12 KB 0644
disable-import-findings-for-product.rst File 640 B 0644
disable-organization-admin-account.rst File 575 B 0644
disable-security-hub.rst File 400 B 0644
disassociate-from-administrator-account.rst File 496 B 0644
disassociate-from-master-account.rst File 482 B 0644
disassociate-members.rst File 509 B 0644
enable-import-findings-for-product.rst File 721 B 0644
enable-organization-admin-account.rst File 571 B 0644
enable-security-hub.rst File 638 B 0644
get-administrator-account.rst File 708 B 0644
get-enabled-standards.rst File 918 B 0644
get-finding-aggregator.rst File 879 B 0644
get-findings.rst File 8.96 KB 0644
get-insight-results.rst File 1.15 KB 0644
get-insights.rst File 1.32 KB 0644
get-invitations-count.rst File 519 B 0644
get-master-account.rst File 694 B 0644
get-members.rst File 1.22 KB 0644
invite-members.rst File 497 B 0644
list-enabled-products-for-import.rst File 707 B 0644
list-finding-aggregators.rst File 578 B 0644
list-invitations.rst File 715 B 0644
list-members.rst File 1.13 KB 0644
list-organization-admin-accounts.rst File 615 B 0644
list-tags-for-resource.rst File 618 B 0644
tag-resource.rst File 572 B 0644
untag-resource.rst File 532 B 0644
update-action-target.rst File 639 B 0644
update-finding-aggregator.rst File 888 B 0644
update-insight.rst File 2.07 KB 0644
update-organization-configuration.rst File 556 B 0644
update-security-hub-configuration.rst File 505 B 0644
update-standards-control.rst File 1.01 KB 0644