batchImportFindings method

Future<BatchImportFindingsResponse> batchImportFindings({
  1. required List<AwsSecurityFinding> findings,
})

Imports security findings generated by a finding provider into Security Hub CSPM. This action is requested by the finding provider to import its findings into Security Hub CSPM.

BatchImportFindings must be called by one of the following:

  • The Amazon Web Services account that is associated with a finding if you are using the default product ARN or are a partner sending findings from within a customer's Amazon Web Services account. In these cases, the identifier of the account that you are calling BatchImportFindings from needs to be the same as the AwsAccountId attribute for the finding.
  • An Amazon Web Services account that Security Hub CSPM has allow-listed for an official partner integration. In this case, you can call BatchImportFindings from the allow-listed account and send findings from different customer accounts in the same batch.
The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.

After a finding is created, BatchImportFindings cannot be used to update the following finding fields and objects, which Security Hub CSPM customers use to manage their investigation workflow.

  • Note
  • UserDefinedFields
  • VerificationState
  • Workflow
Finding providers also should not use BatchImportFindings to update the following attributes.
  • Confidence
  • Criticality
  • RelatedFindings
  • Severity
  • Types
Instead, finding providers use FindingProviderFields to provide values for these attributes.

May throw InternalException. May throw InvalidAccessException. May throw InvalidInputException. May throw LimitExceededException.

Parameter findings : A list of findings to import. To successfully import a finding, it must follow the Amazon Web Services Security Finding Format. Maximum of 100 findings per request.

Implementation

Future<BatchImportFindingsResponse> batchImportFindings({
  required List<AwsSecurityFinding> findings,
}) async {
  final $payload = <String, dynamic>{
    'Findings': findings,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'POST',
    requestUri: '/findings/import',
    exceptionFnMap: _exceptionFns,
  );
  return BatchImportFindingsResponse.fromJson(response);
}