Security Hub overview in AWS - Time & Space Complexity

When using AWS Security Hub, it's important to understand how the time to process security findings grows as you add more accounts or resources.

We want to know how the number of API calls and operations changes as the input size increases.

Analyze the time complexity of the following operation sequence.

# Enable Security Hub for multiple accounts
for account in accounts_list:
    aws securityhub enable-security-hub --account-id $account

# Retrieve findings for each account
for account in accounts_list:
    aws securityhub get-findings --account-id $account
    

This sequence enables Security Hub on each account and then retrieves security findings from each account.

Identify the API calls, resource provisioning, data transfers that repeat.

• Primary operation: Enabling Security Hub and retrieving findings for each account.
• How many times: Once per account in the list.

As the number of accounts increases, the number of API calls grows proportionally.

Input Size (n)	Approx. Api Calls/Operations
10	20 (10 enable + 10 get-findings)
100	200 (100 enable + 100 get-findings)
1000	2000 (1000 enable + 1000 get-findings)

Pattern observation: The total operations double the number of accounts, growing linearly.

Time Complexity: O(n)

This means the time and API calls grow directly in proportion to the number of accounts.

[X] Wrong: "Enabling Security Hub once is enough for all accounts at once."

[OK] Correct: Each AWS account is separate and requires its own enable call, so the operation must repeat per account.

Understanding how operations scale with input size helps you design efficient cloud security solutions and shows you can think about system behavior as it grows.

"What if we batch enable Security Hub for multiple accounts at once? How would the time complexity change?"