AWS Security Hub (securityhub)

2023-06-15

5 new actions, 1 new resource | 3 updated actions

Additions

    Actions
  • BatchDeleteAutomationRules
    • Description:  Grants permission to delete one or more automation rules in Security Hub
    • Access:  Write
    • Resources: 

      Name: automation-rule

      Required: Yes

  • BatchGetAutomationRules
    • Description:  Grants permission to retrieve a list of details for automation rules from Security Hub based on rule Amazon Resource Names (ARNs)
    • Access:  Read
    • Resources: 

      Name: automation-rule

      Required: Yes

  • BatchUpdateAutomationRules
    • Description:  Grants permission to update one or more automation rules from Security Hub based on rule Amazon Resource Names (ARNs) and input parameters
    • Access:  Write
    • Resources: 

      Name: automation-rule

      Required: Yes

  • CreateAutomationRule
    • Description:  Grants permission to create an automation rule based on input parameters
    • Access:  Write
    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys
  • ListAutomationRules
    • Description:  Grants permission to retrieve a list of automation rules and their metadata for the calling account from Security Hub
    • Access:  List
    Resources
  • automation-rule
    • Arn:  arn:${Partition}:securityhub:${Region}:${Account}:automation-rule/${AutomationRuleId}

Updates

    Actions
  • ListTagsForResource
      Resources

    • New_value: No

      Old_value: Yes

    • + automation-rule
  • TagResource
      Resources

    • New_value: No

      Old_value: Yes

    • + automation-rule
  • UntagResource
      Resources

    • New_value: No

      Old_value: Yes

    • + automation-rule