[ aws . securityhub ]
Creates a custom action target in Security Hub.
You can use custom actions on findings and insights in Security Hub to trigger target actions in Amazon CloudWatch Events.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
create-action-target
--name <value>
--description <value>
--id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]
--name
(string)
The name of the custom action target.
--description
(string)
The description for the custom action target.
--id
(string)
The ID for the custom action target.
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
--cli-auto-prompt
(boolean)
Automatically prompt for CLI input parameters.
See ‘aws help’ for descriptions of global parameters.
To create a custom action
The following create-action-target
example creates a custom action. It provides the name, description, and identifier for the action.
aws securityhub create-action-target \
--name "Send to remediation" \
--description "Action to send the finding for remediation tracking" \
--id "Remediation"
Output:
{
"ActionTargetArn": "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation"
}
For more information, see Creating a custom action and associating it with a CloudWatch Events rule in the AWS Security Hub User Guide.