AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-02-28 · Documentation low

File: cli/latest/reference/securityhub/get-resources-statistics-v2.md

Summary

Updated CLI documentation to reference Security Hub CSPM (Cloud Security Posture Management) instead of generic Security Hub, added --cli-error-format parameter, and adjusted examples/filtering logic to align with CSPM context

Security assessment

Changes primarily add references to CSPM (a security posture management service) and update documentation to reflect CSPM-specific filtering/behavior. While this documents security features (CSPM), there is no evidence of addressing a specific vulnerability or security incident.

Diff

diff --git a/cli/latest/reference/securityhub/get-resources-statistics-v2.md b/cli/latest/reference/securityhub/get-resources-statistics-v2.md
index 431235ee0..7ca73545c 100644
--- a//cli/latest/reference/securityhub/get-resources-statistics-v2.md
+++ b//cli/latest/reference/securityhub/get-resources-statistics-v2.md
@@ -15 +15 @@
-  * [AWS CLI 2.33.29 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.0 Command Reference](../../index.html) »
@@ -89,0 +90 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
+    [--cli-error-format <value>]
@@ -127 +128 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>> Enables the creation of criteria for Amazon Web Services resources in Security Hub.
+>>>>> Enables the creation of criteria for Amazon Web Services resources in Security Hub CSPM.
@@ -157 +158 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>> A string filter for filtering Security Hub findings.
+>>>>>>>> A string filter for filtering Security Hub CSPM findings.
@@ -161 +162 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>> The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there’s no match.
+>>>>>>>>> The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub CSPM` . If you provide `security hub` as the filter value, there’s no match.
@@ -171 +172 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>> The condition to apply to a string value when filtering Security Hub findings.
+>>>>>>>>> The condition to apply to a string value when filtering Security Hub CSPM findings.
@@ -195 +196 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>> You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.
+>>>>>>>>> You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub CSPM first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.
@@ -197 +198 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>> For example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .
+>>>>>>>>> For example, for the following filters, Security Hub CSPM first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .
@@ -206 +207 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>> `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the _Security Hub User Guide_ .
+>>>>>>>>>> `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the _Security Hub CSPM User Guide_ .
@@ -247 +248 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>> For more information about the validation and formatting of timestamp fields in Security Hub, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
+>>>>>>>>> For more information about the validation and formatting of timestamp fields in Security Hub CSPM, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
@@ -259 +260 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>> For more information about the validation and formatting of timestamp fields in Security Hub, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
+>>>>>>>>> For more information about the validation and formatting of timestamp fields in Security Hub CSPM, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
@@ -355 +356 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>> A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
+>>>>>>>> A map filter for filtering Security Hub CSPM findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
@@ -379 +380 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>> The condition to apply to the key value when filtering Security Hub findings with a map filter.
+>>>>>>>>> The condition to apply to the key value when filtering Security Hub CSPM findings with a map filter.
@@ -403 +404 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>> `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the _Security Hub User Guide_ .
+>>>>>>>>>> `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the _Security Hub CSPM User Guide_ .
@@ -420 +421 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>> Enables the creation of criteria for Amazon Web Services resources in Security Hub.
+>>>>>>> Enables the creation of criteria for Amazon Web Services resources in Security Hub CSPM.
@@ -450 +451 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>> A string filter for filtering Security Hub findings.
+>>>>>>>>>> A string filter for filtering Security Hub CSPM findings.
@@ -454 +455 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>> The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there’s no match.
+>>>>>>>>>>> The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub CSPM` . If you provide `security hub` as the filter value, there’s no match.
@@ -464 +465 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>> The condition to apply to a string value when filtering Security Hub findings.
+>>>>>>>>>>> The condition to apply to a string value when filtering Security Hub CSPM findings.
@@ -488 +489 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>> You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.
+>>>>>>>>>>> You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub CSPM first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.
@@ -490 +491 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>> For example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .
+>>>>>>>>>>> For example, for the following filters, Security Hub CSPM first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .
@@ -499 +500 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>>> `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the _Security Hub User Guide_ .
+>>>>>>>>>>>> `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the _Security Hub CSPM User Guide_ .
@@ -540 +541 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>> For more information about the validation and formatting of timestamp fields in Security Hub, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
+>>>>>>>>>>> For more information about the validation and formatting of timestamp fields in Security Hub CSPM, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
@@ -552 +553 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>> For more information about the validation and formatting of timestamp fields in Security Hub, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
+>>>>>>>>>>> For more information about the validation and formatting of timestamp fields in Security Hub CSPM, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) .
@@ -648 +649 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>> A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
+>>>>>>>>>> A map filter for filtering Security Hub CSPM findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
@@ -672 +673 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>> The condition to apply to the key value when filtering Security Hub findings with a map filter.
+>>>>>>>>>>> The condition to apply to the key value when filtering Security Hub CSPM findings with a map filter.
@@ -696 +697 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/securi
->>>>>>>>>>>> `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the _Security Hub User Guide_ .
+>>>>>>>>>>>> `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the _Security Hub CSPM User Guide_ .
@@ -915,0 +917 @@ The formatting style for command output.
+  * off
@@ -981,0 +984,13 @@ Disable automatically prompt for CLI input parameters.
+`--cli-error-format` (string)
+
+The formatting style for error output. By default, errors are displayed in enhanced format.
+
+  * legacy
+  * json
+  * yaml
+  * text
+  * table
+  * enhanced
+
+
+
@@ -1034 +1049 @@ GroupByResults -> (list)
-  * [AWS CLI 2.33.29 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.0 Command Reference](../../index.html) »