When you want to get details of a particular Amazon Security Hub integration, you can fetch the configuration and integration details using its unique integration identifier (id). For existing integrations, you can fetch the configuration and integration details with or without the unique integration identifier (id).
Currently, we can only fetch details for the VM/VMDR app.
Let us now see an example of fetching the configuration details of Amazon Security Hub integration.
API request
"curl -X GET --header""Content-Type:application/json""<qualys_gateway_url>/partner-integration/aws/security-hub/49""-H""Authorization: Bearer <token>"
or
"curl --header""Content-Type:application/json""<qualys_gateway_url>/partner-integration/aws/security-hub/""-H""Authorization: Bearer <token>"
If you are not aware of the integration ID, use the following request to fetch details without the integration Id.
JSON Output
{
"name":"TestAWSSecurityHubIntegration01",
"integrationId":684,
"customerId":"xxxxxx",
"sendResolvedVulns":true,
"sendAlerts":false,
"errorEmails":[
"<email address 1>"
],
"vmConfigs":[
{
"awsAccountId":"xxxxxxxxxxxx",
"severity":1,
"category":"Confirmed",
"regions":[
"eu-west-1",
"us-west-2"
]
}
]
}
Let us now see an example to fetch the integration details of Amazon Security Hub with VM/VMDR app.
API Request
"integration/aws/security-hub/vm/""
-H \"Authorization: Bearer <token>\"
OR
curl -X GET --header ""Content-Type":"application/json"" ""<qualys_gateway_url>/partner-integration/aws/security-hub/"{
"id"
}"/vm/""'
-H \"Authorization: Bearer <token>\""
where, id is the unique integration identifier of the Amazon Security Hub
JSON Output
{
"name":"NMTestAWSSecurityHubIntegration01",
"integrationId":684,
"customerId":715423,
"sendResolvedVulns":true,
"sendAlerts":false,
"errorEmails":[
"<email address 1>"
],
"vmConfigs":[
{
"awsAccountId":"xxxxxxxxxxxx",
"severity":1,
"category":"Confirmed",
"regions":[
"eu-west-1",
"us-west-2"
]
}
]
}