AWS Integration for Security Exposure Management reference information

  • Release version: Yokohama
  • Updated April 3, 2026
  • 2 minutes to read

    • Reference information for the AWS Integration for Security Exposure Management, including data field mappings, severity mappings, tables, script includes, and supported AWS regions.

    Reference topics containing information about tables, roles, and properties installed with the integration.

    The following tables are used by the AWS Integration for Security Exposure Management.

    Table 1. AWS Integration tables
    Table Description ACLs
    sn_vul_aws_inspector_host_vuln_import Import set for host vulnerabilities Read: import_admin; Write: nobody; Create: nobody; Delete: nobody
    sn_vul_aws_inspector_container_vuln_import Import set for container vulnerabilities Read: import_admin; Write: nobody; Create: nobody; Delete: nobody
    sn_vul_aws_security_hub_host_vuln_import Import set for Security Hub host findings Read: import_admin; Write: nobody; Create: nobody; Delete: nobody
    sn_vul_aws_security_hub_container_vuln_import Import set for Security Hub container findings Read: import_admin; Write: nobody; Create: nobody; Delete: nobody
    sn_vul_aws_security_hub_test_results_import Import set for test results Read: import_admin
    sn_vul_aws_cvd_attributes CVD attributes (CVSS, EPSS, and related data) Read: sn_sec_cvd.read; Write: nobody; Create: nobody; Delete: nobody
    sn_vul_aws_integration Integration records Read: sn_vul_aws.read_integration; Write/Create/Delete: sn_vul_aws.configure_integration
    sn_vul_aws_configuration Configuration records Read: sn_vul_aws.read_integration; Write/Create/Delete: sn_vul_aws.configure_integration
    sn_vul_aws_regions AWS regions reference Read: sn_vul_aws.read_integration; Write: nobody
    sn_vul_nvd_entry NVD entries (extended) Existing ACLs
    sn_vul_third_party_entry Third-party entries (extended) Existing ACLs

    Script includes

    The following script includes are used by the AWS Integration for Security Exposure Management.

    Table 2. Script includes
    Script include Description
    AWSIntegrationBase Base class. Handles REST calls, pagination, and filter building for both Inspector and Security Hub.
    AWSUtil Common utility methods including STS token retrieval, AWS Signature V4 signing, and filter processing for both integration types.
    AWSConfigUtil Configuration management including credential saving and validation, and integration activation and deactivation.
    SGAwsApiAwsSignatureV4Generator AWS Signature V4 signing implementation.
    AWSInspectorHostVulnerabilitiesIntegration Extends AWSIntegrationBase for Inspector host findings.
    AWSInspectorContainerVulnerabilitiesIntegration Extends AWSIntegrationBase for Inspector container findings.
    AWSInspectorHostVulnerabilityProcessor Processes Inspector host findings. Creates Vulnerable Items (VITs) and Detections.
    AWSInspectorContainerVulnerabilityProcessor Processes Inspector container findings. Creates Container Vulnerable Items (CVITs) and Findings.
    AWSSecurityHubHostVulnerabilitiesIntegration Extends AWSIntegrationBase for Security Hub host findings.
    AWSSecurityHubContainerVulnerabilitiesIntegration Extends AWSIntegrationBase for Security Hub container findings.
    AWSSecurityHubTestResultsIntegration Extends AWSIntegrationBase for Security Hub test results.
    AWSSecurityHubHostVulnerabilitiesProcessor Processes Security Hub host findings. Creates VITs and Detections.
    AWSSecurityHubContainerVulnerabilitiesProcessor Processes Security Hub container findings. Creates CVITs and Findings.
    AWSSecurityHubTestResultsProcessor Processes Security Hub configuration findings. Creates tests and test results.

    Supported AWS regions

    The following AWS regions are supported by the integration.

    Table 3. Supported AWS regions
    Region code Region name
    us-east-1 US East (N. Virginia)
    us-east-2 US East (Ohio)
    us-west-1 US West (N. California)
    us-west-2 US West (Oregon)
    af-south-1 Africa (Cape Town)
    ap-east-1 Asia Pacific (Hong Kong)
    ap-south-1 Asia Pacific (Mumbai)
    ap-south-2 Asia Pacific (Hyderabad)
    ap-southeast-1 Asia Pacific (Singapore)
    ap-southeast-2 Asia Pacific (Sydney)
    ap-southeast-3 Asia Pacific (Jakarta)
    ap-southeast-4 Asia Pacific (Melbourne)
    ap-northeast-1 Asia Pacific (Tokyo)
    ap-northeast-2 Asia Pacific (Seoul)
    ap-northeast-3 Asia Pacific (Osaka)
    ca-central-1 Canada (Central)
    eu-central-1 Europe (Frankfurt)
    eu-central-2 Europe (Zurich)
    eu-west-1 Europe (Ireland)
    eu-west-2 Europe (London)
    eu-west-3 Europe (Paris)
    eu-south-1 Europe (Milan)
    eu-south-2 Europe (Spain)
    eu-north-1 Europe (Stockholm)
    il-central-1 Israel (Tel Aviv)
    me-south-1 Middle East (Bahrain)
    me-central-1 Middle East (UAE)
    sa-east-1 South America (Sao Paulo)
    us-gov-west-1 AWS GovCloud (US-West)