SecurityHub / Client / list_automation_rules
list_automation_rules#
- SecurityHub.Client.list_automation_rules(**kwargs)#
A list of automation rules and their metadata for the calling account.
See also: AWS API Documentation
Request Syntax
response = client.list_automation_rules( NextToken='string', MaxResults=123 )
- Parameters:
NextToken (string) – A token to specify where to start paginating the response. This is the
NextTokenfrom a previously truncated response. On your first call to theListAutomationRulesAPI, set the value of this parameter toNULL.MaxResults (integer) – The maximum number of rules to return in the response. This currently ranges from 1 to 100.
- Return type:
dict
- Returns:
Response Syntax
{ 'AutomationRulesMetadata': [ { 'RuleArn': 'string', 'RuleStatus': 'ENABLED'|'DISABLED', 'RuleOrder': 123, 'RuleName': 'string', 'Description': 'string', 'IsTerminal': True|False, 'CreatedAt': datetime(2015, 1, 1), 'UpdatedAt': datetime(2015, 1, 1), 'CreatedBy': 'string' }, ], 'NextToken': 'string' }
Response Structure
(dict) –
AutomationRulesMetadata (list) –
Metadata for rules in the calling account. The response includes rules with a
RuleStatusofENABLEDandDISABLED.(dict) –
Metadata for automation rules in the calling account. The response includes rules with a
RuleStatusofENABLEDandDISABLED.RuleArn (string) –
The Amazon Resource Name (ARN) for the rule.
RuleStatus (string) –
Whether the rule is active after it is created. If this parameter is equal to
ENABLED, Security Hub starts applying the rule to findings and finding updates after the rule is created. To change the value of this parameter after creating a rule, use BatchUpdateAutomationRules.RuleOrder (integer) –
An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
RuleName (string) –
The name of the rule.
Description (string) –
A description of the rule.
IsTerminal (boolean) –
Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn’t evaluate other rules for the finding. By default, a rule isn’t terminal.
CreatedAt (datetime) –
A timestamp that indicates when the rule was created.
This field accepts only the specified formats. Timestamps can end with
Zor("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:YYYY-MM-DDTHH:MM:SSZ(for example,2019-01-31T23:00:00Z)YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ(for example,2019-01-31T23:00:00.123456789Z)YYYY-MM-DDTHH:MM:SS+HH:MM(for example,2024-01-04T15:25:10+17:59)YYYY-MM-DDTHH:MM:SS-HHMM(for example,2024-01-04T15:25:10-1759)YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM(for example,2024-01-04T15:25:10.123456789+17:59)
UpdatedAt (datetime) –
A timestamp that indicates when the rule was most recently updated.
This field accepts only the specified formats. Timestamps can end with
Zor("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:YYYY-MM-DDTHH:MM:SSZ(for example,2019-01-31T23:00:00Z)YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ(for example,2019-01-31T23:00:00.123456789Z)YYYY-MM-DDTHH:MM:SS+HH:MM(for example,2024-01-04T15:25:10+17:59)YYYY-MM-DDTHH:MM:SS-HHMM(for example,2024-01-04T15:25:10-1759)YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM(for example,2024-01-04T15:25:10.123456789+17:59)
CreatedBy (string) –
The principal that created a rule.
NextToken (string) –
A pagination token for the response.
Exceptions