AWS CLI Command Reference

[ aws . securityhub ]

describe-products

Description

Returns information about the available products that you can subscribe to and integrate with Security Hub in order to consolidate findings.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  describe-products
[--next-token <value>]
[--max-results <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]

Options

--next-token (string)

The token that is required for pagination. On your first call to the DescribeProducts operation, set the value of this parameter to NULL .

For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.

--max-results (integer)

The maximum number of results to return.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

--cli-auto-prompt (boolean) Automatically prompt for CLI input parameters.

See ‘aws help’ for descriptions of global parameters.

Examples

To return information about available product integrations

The following describe-products example returns the available product integrations one at a time.

aws securityhub describe-products \
    --max-results 1

Output:

{
    "NextToken": "U2FsdGVkX18vvPlOqb7RDrWRWVFBJI46MOIAb+nZmRJmR15NoRi2gm13sdQEn3O/pq/78dGs+bKpgA+7HMPHO0qX33/zoRI+uIG/F9yLNhcOrOWzFUdy36JcXLQji3Rpnn/cD1SVkGA98qI3zPOSDg==",
    "Products": [
        {
            "ProductArn": "arn:aws:securityhub:us-west-1:123456789333:product/crowdstrike/crowdstrike-falcon",
            "ProductName": "CrowdStrike Falcon",
            "CompanyName": "CrowdStrike",
            "Description": "CrowdStrike Falcon's single lightweight sensor unifies next-gen antivirus, endpoint detection and response, and 24/7 managed hunting, via the cloud.",
            "Categories": [
                "Endpoint Detection and Response (EDR)",
                "AV Scanning and Sandboxing",
                "Threat Intelligence Feeds and Reports",
                "Endpoint Forensics",
                "Network Forensics"
            ],
            "IntegrationTypes": [
                "SEND_FINDINGS_TO_SECURITY_HUB"
            ],
            "MarketplaceUrl": "https://aws.amazon.com/marketplace/seller-profile?id=a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
            "ActivationUrl": "https://falcon.crowdstrike.com/support/documentation",
            "ProductSubscriptionResourcePolicy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"123456789333\"},\"Action\":[\"securityhub:BatchImportFindings\"],\"Resource\":\"arn:aws:securityhub:us-west-1:123456789012:product-subscription/crowdstrike/crowdstrike-falcon\",\"Condition\":{\"StringEquals\":{\"securityhub:TargetAccount\":\"123456789012\"}}},{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"123456789012\"},\"Action\":[\"securityhub:BatchImportFindings\"],\"Resource\":\"arn:aws:securityhub:us-west-1:123456789333:product/crowdstrike/crowdstrike-falcon\",\"Condition\":{\"StringEquals\":{\"securityhub:TargetAccount\":\"123456789012\"}}}]}"
        }
   ]
}

For more information, see Managing product integrations in the AWS Security Hub User Guide.

Output

Products -> (list)

A list of products, including details for each product.

(structure)

Contains details about a product.

ProductArn -> (string)

The ARN assigned to the product.

ProductName -> (string)

The name of the product.

CompanyName -> (string)

The name of the company that provides the product.

Description -> (string)

A description of the product.

Categories -> (list)

The categories assigned to the product.

(string)

IntegrationTypes -> (list)

The types of integration that the product supports. Available values are the following.

  • SEND_FINDINGS_TO_SECURITY_HUB - Indicates that the integration sends findings to Security Hub.

  • RECEIVE_FINDINGS_FROM_SECURITY_HUB - Indicates that the integration receives findings from Security Hub.

(string)

MarketplaceUrl -> (string)

The URL for the page that contains more information about the product.

ActivationUrl -> (string)

The URL used to activate the product.

ProductSubscriptionResourcePolicy -> (string)

The resource policy associated with the product.

NextToken -> (string)

The pagination token to use to request the next page of results.

© Copyright 2018, Amazon Web Services. Created using Sphinx.