GetRecommendedPolicyV2 - AWS Security Hub CSPM

GetRecommendedPolicyV2

Retrieves the recommended policy to remediate a Security Hub finding. GetRecommendedPolicyV2 only supports findings for unused permissions.

Request Syntax

GET /recommendedPolicyV2/MetadataUid?MaxResults=MaxResults&NextToken=NextToken HTTP/1.1

URI Request Parameters

The request uses the following URI parameters.

MaxResults

The maximum number of recommendation steps to return.

Valid Range: Minimum value of 1. Maximum value of 100.

MetadataUid

The unique identifier (ID) of the Security Hub OCSF finding, taken from the finding's metadata.uid field.

Pattern: .*\S.*

Required: Yes

NextToken

The token used to paginate the RecommendationSteps list returned. On your first call to GetRecommendedPolicyV2, omit this parameter or set it to NULL. For subsequent calls, use the NextToken value returned in the previous response to retrieve the next page of results.

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "Error": {
      "Code": "string",
      "Message": "string"
   },
   "NextToken": "string",
   "RecommendationSteps": [
      { ... }
   ],
   "RecommendationType": "string",
   "ResourceArn": "string",
   "Status": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

Error

Detailed information for a FAILED retrieval status.

Type: RecommendationError object

NextToken

The pagination token to use to request the next page of results.

Type: String

RecommendationSteps

The recommended steps to take to resolve the finding.

Type: Array of RecommendationStep objects

RecommendationType

The type of recommendation for the finding.

Type: String

Valid Values: UNUSED_PERMISSION_RECOMMENDATION

ResourceArn

The ARN of the resource of the finding.

Type: String

Pattern: .*\S.*

Status

The current status of the recommended policy retrieval.

Type: String

Valid Values: IN_PROGRESS | SUCCEEDED | FAILED
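
One way a client could drive the Status and NextToken semantics described above, as an added example that is not AWS code. `fetch_page` is a hypothetical callable standing in for the signed GET request, the sample pages, ARN and step contents are constructed placeholders, and repeating the request while Status is IN_PROGRESS is an assumption this page does not spell out.

```python
import time

class RecommendationFailed(Exception):
    """The service reported Status FAILED (or a status this page does not list)."""

def collect_steps(fetch_page, metadata_uid, max_results=100,
                  max_polls=30, poll_seconds=2.0, sleep=time.sleep):
    """Return (ResourceArn, all RecommendationSteps) once Status is SUCCEEDED.
    fetch_page(metadata_uid, max_results, next_token) -> dict is a hypothetical
    callable that sends the GET request and returns the parsed JSON body.
    """
    if not metadata_uid or not metadata_uid.strip():
        raise ValueError("MetadataUid needs a non-whitespace character")
    if not 1 <= max_results <= 100:
        raise ValueError("MaxResults must be between 1 and 100")
    steps, token, polls = [], None, 0
    while True:
        page = fetch_page(metadata_uid, max_results, token)
        status = page.get("Status")
        if status == "IN_PROGRESS":
            # Assumption: nothing usable yet, so repeat the same request later.
            polls += 1
            if polls > max_polls:
                raise TimeoutError("recommendation is still IN_PROGRESS")
            sleep(poll_seconds)
            continue
        if status != "SUCCEEDED":
            err = page.get("Error") or {}
            raise RecommendationFailed(f"{err.get('Code')}: {err.get('Message')}")
        steps.extend(page.get("RecommendationSteps") or [])
        token = page.get("NextToken")
        if not token:  # no NextToken: this was the last page
            return page.get("ResourceArn"), steps

# Constructed sample pages, not real service output; step contents are placeholders.
SAMPLE_ARN = "arn:aws:iam::111122223333:role/ExampleRole"
SAMPLE_PAGES = [
    {"Status": "IN_PROGRESS"},
    {"Status": "SUCCEEDED", "ResourceArn": SAMPLE_ARN,
     "RecommendationSteps": [{"placeholder": 1}], "NextToken": "page-2"},
    {"Status": "SUCCEEDED", "ResourceArn": SAMPLE_ARN,
     "RecommendationSteps": [{"placeholder": 2}]},
]

def make_fake_fetch(pages, seen_tokens):
    remaining = iter(pages)  # replay pages in order, recording each token sent
    def fetch(metadata_uid, max_results, next_token):
        seen_tokens.append(next_token)
        return next(remaining)
    return fetch
```

Failing closed on FAILED, or on a status outside the documented values, keeps a partial step list from being applied as if it were the complete recommended policy.
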

Errors

For information about the errors that are common to all actions, see Common Error Types.

AccessDeniedException

You don't have permission to perform the action specified in the request.

HTTP Status Code: 403

InternalServerException

The request has failed due to an internal failure of the service.

HTTP Status Code: 500

InvalidInputException

The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

HTTP Status Code: 400

ResourceNotFoundException

The request was rejected because we can't find the specified resource.

HTTP Status Code: 404

ThrottlingException

The limit on the number of requests per second was exceeded.

HTTP Status Code: 429

ValidationException

The request has failed validation because it's missing required fields or has invalid inputs.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: