Data Types
The Amazon Security Hub API contains several data types that the various actions use. This section describes each data type in detail.
Note
The order of each element in a data type structure is not guaranteed. Applications should not assume a particular order.
Security Hub supports the following primary data types:
Security Hub supports the following objects as part of the ResourceDetails data type.
These objects apply to Security Hub findings in the Amazon Security Finding Format (ASFF).
Amazon MQ objects
Amazon API Gateway objects
Amazon AppSync objects
Amazon Athena objects
Amazon Backup objects
Amazon Certificate Manager objects
Amazon CloudFormation objects
Amazon CloudFront objects
Amazon CloudTrail objects
Amazon CloudWatch objects
Amazon CodeBuild objects
Amazon Database Migration Service objects (Amazon DMS)
Amazon DynamoDB objects
Amazon Elastic Compute Cloud (EC2) objects
-
AwsEc2ClientVpnEndpointAuthenticationOptionsActiveDirectoryDetails
-
AwsEc2ClientVpnEndpointAuthenticationOptionsFederatedAuthenticationDetails
-
AwsEc2ClientVpnEndpointAuthenticationOptionsMutualAuthenticationDetails
-
AwsEc2LaunchTemplateDataCapacityReservationSpecificationCapacityReservationTargetDetails
-
AwsEc2LaunchTemplateDataCapacityReservationSpecificationDetails
-
AwsEc2LaunchTemplateDataElasticInferenceAcceleratorSetDetails
-
AwsEc2LaunchTemplateDataInstanceMarketOptionsSpotOptionsDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorCountDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorTotalMemoryMiBDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsBaselineEbsBandwidthMbpsDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsMemoryGiBPerVCpuDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsMemoryMiBDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsNetworkInterfaceCountDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsTotalLocalStorageGBDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsVCpuCountDetails
-
AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv4PrefixesDetails
-
AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6AddressesDetails
-
AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6PrefixesDetails
-
AwsEc2LaunchTemplateDataNetworkInterfaceSetPrivateIpAddressesDetails
Amazon EC2 Auto Scaling objects
-
AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification
-
AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails
-
AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails
-
AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification
-
AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails
-
AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails
Amazon Elastic Container Registry (ECR) objects
Amazon Elastic Container Service (ECS) objects
-
AwsEcsClusterConfigurationExecuteCommandConfigurationDetails
-
AwsEcsClusterConfigurationExecuteCommandConfigurationLogConfigurationDetails
-
AwsEcsServiceDeploymentConfigurationDeploymentCircuitBreakerDetails
-
AwsEcsTaskDefinitionContainerDefinitionsEnvironmentFilesDetails
-
AwsEcsTaskDefinitionContainerDefinitionsFirelensConfigurationDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersCapabilitiesDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersDevicesDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersTmpfsDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLogConfigurationDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLogConfigurationSecretOptionsDetails
-
AwsEcsTaskDefinitionContainerDefinitionsRepositoryCredentialsDetails
-
AwsEcsTaskDefinitionContainerDefinitionsResourceRequirementsDetails
-
AwsEcsTaskDefinitionContainerDefinitionsSystemControlsDetails
-
AwsEcsTaskDefinitionProxyConfigurationProxyConfigurationPropertiesDetails
-
AwsEcsTaskDefinitionVolumesEfsVolumeConfigurationAuthorizationConfigDetails
Amazon Elastic File System (EFS) objects
Amazon Elastic Kubernetes Service (EKS) objects
Amazon Elastic Beanstalk objects
Elasticsearch objects
Elastic Load Balancing objects
Amazon EventBridge objects
Amazon GuardDuty objects
Amazon Identity and Access Management (IAM) objects
Amazon Kinesis objects
Amazon Key Management Service (Amazon KMS) objects
Amazon Lambda objects
Amazon Managed Streaming for Apache Kafka (Amazon MSK) objects
Amazon Network Firewall objects
Amazon OpenSearch Service objects
Amazon Relational Database Service (RDS) objects
Amazon Redshift objects
Amazon Route 53 objects
Amazon Simple Storage Service (S3) objects
-
AwsS3BucketBucketLifecycleConfigurationRulesAbortIncompleteMultipartUploadDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsTagDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateTagDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesNoncurrentVersionTransitionsDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesTransitionsDetails
-
AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails
Amazon SageMaker AI objects
Amazon Secrets Manager objects
Amazon Simple Notification Service (SNS) objects
Amazon Simple Queue Service (SQS) objects
Amazon Systems Manager objects
Amazon Step Functions objects
Amazon WAF objects
Amazon X-Ray objects
Container objects