Compliance
Contains finding details that are specific to control-based findings. Only returned for findings generated from controls.
Contents
- AssociatedStandards
-
The enabled security standards in which a security control is currently enabled.
Type: Array of AssociatedStandard objects
Required: No
- RelatedRequirements
-
For a control, the industry or regulatory framework requirements that are related to the control. The check for that control is aligned with these requirements.
Type: Array of strings
Pattern:
.*\S.*Required: No
- SecurityControlId
-
The unique identifier of a control across standards. Values for this field typically consist of an Amazon Web Service and a number, such as APIGateway.5.
Type: String
Pattern:
.*\S.*Required: No
- SecurityControlParameters
-
An object that includes security control parameter names and values.
Type: Array of SecurityControlParameter objects
Required: No
- Status
-
The result of a standards check.
The valid values for
Statusare as follows.-
-
PASSED- Standards check passed for all evaluated resources. -
WARNING- Some information is missing or this check is not supported for your configuration. -
FAILED- Standards check failed for at least one evaluated resource. -
NOT_AVAILABLE- Check could not be performed due to a service outage, API error, or because the result of the Amazon Config evaluation wasNOT_APPLICABLE. If the Amazon Config evaluation result wasNOT_APPLICABLE, then after 3 days, Security Hub automatically archives the finding.
-
Type: String
Valid Values:
PASSED | WARNING | FAILED | NOT_AVAILABLERequired: No
-
- StatusReasons
-
For findings generated from controls, a list of reasons behind the value of
Status. For the list of status reason codes and their meanings, see Standards-related information in the ASFF in the Amazon Security Hub User Guide.Type: Array of StatusReason objects
Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: