security_controls_list_only
Lists security_controls in a region or regions, for all properties use security_controls
Overview
| Name | security_controls_list_only |
| Type | Resource |
| Description | A security control in Security Hub describes a security best practice related to a specific resource. |
| Id | aws.securityhub.security_controls_list_only |
Fields
| Name | Datatype | Description |
|---|---|---|
security_control_id | string | The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3. |
security_control_arn | string | The Amazon Resource Name (ARN) for a security control across standards, such as `arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1`. This parameter doesn't mention a specific standard. |
last_update_reason | string | The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores. |
parameters | object | An object that identifies the name of a control parameter, its current value, and whether it has been customized. |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
list_resources | SELECT | region |
SELECT examples
Lists all security_controls in a region.
SELECT
region,
security_control_id
FROM aws.securityhub.security_controls_list_only
WHERE region = 'us-east-1';
Permissions
For permissions required to operate on the security_controls_list_only resource, see security_controls