README
¶
AWS Security Hub Construct Library
This module is part of the AWS Cloud Development Kit project.
import securityhub "github.com/aws/aws-cdk-go/awscdk"
There are no official hand-written (L2) constructs for this service yet. Here are some suggestions on how to proceed:
- Search Construct Hub for SecurityHub construct libraries
- Use the automatically generated L1 constructs, in the same way you would use the CloudFormation AWS::SecurityHub resources directly.
There are no hand-written (L2) constructs for this service yet. However, you can still use the automatically generated L1 constructs, and use this service exactly as you would using CloudFormation directly.
For more information on the resources and properties available for this service, see the CloudFormation documentation for AWS::SecurityHub.
(Read the CDK Contributing Guide and submit an RFC if you are interested in contributing to this construct library.)
Documentation
¶
Index ¶
- func CfnAutomationRule_CFN_RESOURCE_TYPE_NAME() *string
- func CfnAutomationRule_IsCfnElement(x interface{}) *bool
- func CfnAutomationRule_IsCfnResource(x interface{}) *bool
- func CfnAutomationRule_IsConstruct(x interface{}) *bool
- func CfnDelegatedAdmin_CFN_RESOURCE_TYPE_NAME() *string
- func CfnDelegatedAdmin_IsCfnElement(x interface{}) *bool
- func CfnDelegatedAdmin_IsCfnResource(x interface{}) *bool
- func CfnDelegatedAdmin_IsConstruct(x interface{}) *bool
- func CfnHub_CFN_RESOURCE_TYPE_NAME() *string
- func CfnHub_IsCfnElement(x interface{}) *bool
- func CfnHub_IsCfnResource(x interface{}) *bool
- func CfnHub_IsConstruct(x interface{}) *bool
- func CfnInsight_CFN_RESOURCE_TYPE_NAME() *string
- func CfnInsight_IsCfnElement(x interface{}) *bool
- func CfnInsight_IsCfnResource(x interface{}) *bool
- func CfnInsight_IsConstruct(x interface{}) *bool
- func CfnProductSubscription_CFN_RESOURCE_TYPE_NAME() *string
- func CfnProductSubscription_IsCfnElement(x interface{}) *bool
- func CfnProductSubscription_IsCfnResource(x interface{}) *bool
- func CfnProductSubscription_IsConstruct(x interface{}) *bool
- func CfnStandard_CFN_RESOURCE_TYPE_NAME() *string
- func CfnStandard_IsCfnElement(x interface{}) *bool
- func CfnStandard_IsCfnResource(x interface{}) *bool
- func CfnStandard_IsConstruct(x interface{}) *bool
- func NewCfnAutomationRule_Override(c CfnAutomationRule, scope constructs.Construct, id *string, ...)
- func NewCfnDelegatedAdmin_Override(c CfnDelegatedAdmin, scope constructs.Construct, id *string, ...)
- func NewCfnHub_Override(c CfnHub, scope constructs.Construct, id *string, props *CfnHubProps)
- func NewCfnInsight_Override(c CfnInsight, scope constructs.Construct, id *string, props *CfnInsightProps)
- func NewCfnProductSubscription_Override(c CfnProductSubscription, scope constructs.Construct, id *string, ...)
- func NewCfnStandard_Override(c CfnStandard, scope constructs.Construct, id *string, props *CfnStandardProps)
- type CfnAutomationRule
- type CfnAutomationRuleProps
- type CfnAutomationRule_AutomationRulesActionProperty
- type CfnAutomationRule_AutomationRulesFindingFieldsUpdateProperty
- type CfnAutomationRule_AutomationRulesFindingFiltersProperty
- type CfnAutomationRule_DateFilterProperty
- type CfnAutomationRule_DateRangeProperty
- type CfnAutomationRule_MapFilterProperty
- type CfnAutomationRule_NoteUpdateProperty
- type CfnAutomationRule_NumberFilterProperty
- type CfnAutomationRule_RelatedFindingProperty
- type CfnAutomationRule_SeverityUpdateProperty
- type CfnAutomationRule_StringFilterProperty
- type CfnAutomationRule_WorkflowUpdateProperty
- type CfnDelegatedAdmin
- type CfnDelegatedAdminProps
- type CfnHub
- type CfnHubProps
- type CfnInsight
- type CfnInsightProps
- type CfnInsight_AwsSecurityFindingFiltersProperty
- type CfnInsight_BooleanFilterProperty
- type CfnInsight_DateFilterProperty
- type CfnInsight_DateRangeProperty
- type CfnInsight_IpFilterProperty
- type CfnInsight_KeywordFilterProperty
- type CfnInsight_MapFilterProperty
- type CfnInsight_NumberFilterProperty
- type CfnInsight_StringFilterProperty
- type CfnProductSubscription
- type CfnProductSubscriptionProps
- type CfnStandard
- type CfnStandardProps
- type CfnStandard_StandardsControlProperty
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CfnAutomationRule_CFN_RESOURCE_TYPE_NAME ¶ added in v2.85.0
func CfnAutomationRule_CFN_RESOURCE_TYPE_NAME() *string
func CfnAutomationRule_IsCfnElement ¶ added in v2.85.0
func CfnAutomationRule_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnAutomationRule_IsCfnResource ¶ added in v2.85.0
func CfnAutomationRule_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnAutomationRule_IsConstruct ¶ added in v2.85.0
func CfnAutomationRule_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnDelegatedAdmin_CFN_RESOURCE_TYPE_NAME ¶ added in v2.138.0
func CfnDelegatedAdmin_CFN_RESOURCE_TYPE_NAME() *string
func CfnDelegatedAdmin_IsCfnElement ¶ added in v2.138.0
func CfnDelegatedAdmin_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnDelegatedAdmin_IsCfnResource ¶ added in v2.138.0
func CfnDelegatedAdmin_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnDelegatedAdmin_IsConstruct ¶ added in v2.138.0
func CfnDelegatedAdmin_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnHub_CFN_RESOURCE_TYPE_NAME ¶
func CfnHub_CFN_RESOURCE_TYPE_NAME() *string
func CfnHub_IsCfnElement ¶
func CfnHub_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnHub_IsCfnResource ¶
func CfnHub_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnHub_IsConstruct ¶
func CfnHub_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnInsight_CFN_RESOURCE_TYPE_NAME ¶ added in v2.138.0
func CfnInsight_CFN_RESOURCE_TYPE_NAME() *string
func CfnInsight_IsCfnElement ¶ added in v2.138.0
func CfnInsight_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnInsight_IsCfnResource ¶ added in v2.138.0
func CfnInsight_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnInsight_IsConstruct ¶ added in v2.138.0
func CfnInsight_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnProductSubscription_CFN_RESOURCE_TYPE_NAME ¶ added in v2.138.0
func CfnProductSubscription_CFN_RESOURCE_TYPE_NAME() *string
func CfnProductSubscription_IsCfnElement ¶ added in v2.138.0
func CfnProductSubscription_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnProductSubscription_IsCfnResource ¶ added in v2.138.0
func CfnProductSubscription_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnProductSubscription_IsConstruct ¶ added in v2.138.0
func CfnProductSubscription_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func CfnStandard_CFN_RESOURCE_TYPE_NAME ¶ added in v2.85.0
func CfnStandard_CFN_RESOURCE_TYPE_NAME() *string
func CfnStandard_IsCfnElement ¶ added in v2.85.0
func CfnStandard_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnStandard_IsCfnResource ¶ added in v2.85.0
func CfnStandard_IsCfnResource(x interface{}) *bool
Check whether the given object is a CfnResource.
func CfnStandard_IsConstruct ¶ added in v2.85.0
func CfnStandard_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.
Returns: true if `x` is an object created from a class which extends `Construct`.
func NewCfnAutomationRule_Override ¶ added in v2.85.0
func NewCfnAutomationRule_Override(c CfnAutomationRule, scope constructs.Construct, id *string, props *CfnAutomationRuleProps)
func NewCfnDelegatedAdmin_Override ¶ added in v2.138.0
func NewCfnDelegatedAdmin_Override(c CfnDelegatedAdmin, scope constructs.Construct, id *string, props *CfnDelegatedAdminProps)
func NewCfnHub_Override ¶
func NewCfnHub_Override(c CfnHub, scope constructs.Construct, id *string, props *CfnHubProps)
func NewCfnInsight_Override ¶ added in v2.138.0
func NewCfnInsight_Override(c CfnInsight, scope constructs.Construct, id *string, props *CfnInsightProps)
func NewCfnProductSubscription_Override ¶ added in v2.138.0
func NewCfnProductSubscription_Override(c CfnProductSubscription, scope constructs.Construct, id *string, props *CfnProductSubscriptionProps)
func NewCfnStandard_Override ¶ added in v2.85.0
func NewCfnStandard_Override(c CfnStandard, scope constructs.Construct, id *string, props *CfnStandardProps)
Types ¶
type CfnAutomationRule ¶ added in v2.85.0
type CfnAutomationRule interface {
awscdk.CfnResource
awscdk.IInspectable
awscdk.ITaggableV2
// One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .
Actions() interface{}
SetActions(val interface{})
// A timestamp that indicates when the rule was created.
//
// Uses the `date-time` format specified in [RFC 3339 section 5.6, Internet Date/Time Format](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3339#section-5.6) . The value cannot contain spaces. For example, `2020-03-22T13:22:13.933Z` .
AttrCreatedAt() *string
// The principal that created the rule.
//
// For example, `arn:aws:sts::123456789012:assumed-role/Developer-Role/JaneDoe` .
AttrCreatedBy() *string
// The Amazon Resource Name (ARN) of the automation rule that you create.
//
// For example, `arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .
AttrRuleArn() *string
// A timestamp that indicates when the rule was most recently updated.
//
// Uses the `date-time` format specified in [RFC 3339 section 5.6, Internet Date/Time Format](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3339#section-5.6) . The value cannot contain spaces. For example, `2020-03-22T13:22:13.933Z` .
AttrUpdatedAt() *string
// Tag Manager which manages the tags for this resource.
CdkTagManager() awscdk.TagManager
// Options for this resource, such as condition, update policy etc.
CfnOptions() awscdk.ICfnResourceOptions
CfnProperties() *map[string]interface{}
// AWS resource type.
CfnResourceType() *string
// Returns: the stack trace of the point where this Resource was created from, sourced
// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
// node +internal+ entries filtered.
CreationStack() *[]*string
// A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.
Criteria() interface{}
SetCriteria(val interface{})
// A description of the rule.
Description() *string
SetDescription(val *string)
// Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria.
IsTerminal() interface{}
SetIsTerminal(val interface{})
// The logical ID for this CloudFormation stack element.
//
// The logical ID of the element
// is calculated from the path of the resource node in the construct tree.
//
// To override this value, use `overrideLogicalId(newLogicalId)`.
//
// Returns: the logical ID as a stringified token. This value will only get
// resolved during synthesis.
LogicalId() *string
// The tree node.
Node() constructs.Node
// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
//
// If, by any chance, the intrinsic reference of a resource is not a string, you could
// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
Ref() *string
// The name of the rule.
RuleName() *string
SetRuleName(val *string)
// An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings.
RuleOrder() *float64
SetRuleOrder(val *float64)
// Whether the rule is active after it is created.
RuleStatus() *string
SetRuleStatus(val *string)
// The stack in which this element is defined.
//
// CfnElements must be defined within a stack scope (directly or indirectly).
Stack() awscdk.Stack
// User-defined tags associated with an automation rule.
Tags() *map[string]*string
SetTags(val *map[string]*string)
// Deprecated.
// Deprecated: use `updatedProperties`
//
// Return properties modified after initiation
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperites() *map[string]interface{}
// Return properties modified after initiation.
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperties() *map[string]interface{}
// Syntactic sugar for `addOverride(path, undefined)`.
AddDeletionOverride(path *string)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
//
// This can be used for resources across stacks (or nested stack) boundaries
// and the dependency will automatically be transferred to the relevant scope.
AddDependency(target awscdk.CfnResource)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
// Deprecated: use addDependency.
AddDependsOn(target awscdk.CfnResource)
// Add a value to the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
AddMetadata(key *string, value interface{})
// Adds an override to the synthesized CloudFormation resource.
//
// To add a
// property override, either use `addPropertyOverride` or prefix `path` with
// "Properties." (i.e. `Properties.TopicName`).
//
// If the override is nested, separate each nested level using a dot (.) in the path parameter.
// If there is an array as part of the nesting, specify the index in the path.
//
// To include a literal `.` in the property name, prefix with a `\`. In most
// programming languages you will need to write this as `"\\."` because the
// `\` itself will need to be escaped.
//
// For example,
// “`typescript
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
// “`
// would add the overrides
// “`json
// "Properties": {
// "GlobalSecondaryIndexes": [
// {
// "Projection": {
// "NonKeyAttributes": [ "myattribute" ]
// ...
// }
// ...
// },
// {
// "ProjectionType": "INCLUDE"
// ...
// },
// ]
// ...
// }
// “`
//
// The `value` argument to `addOverride` will not be processed or translated
// in any way. Pass raw JSON values in here with the correct capitalization
// for CloudFormation. If you pass CDK classes or structs, they will be
// rendered with lowercased key names, and CloudFormation will reject the
// template.
AddOverride(path *string, value interface{})
// Adds an override that deletes the value of a property from the resource definition.
AddPropertyDeletionOverride(propertyPath *string)
// Adds an override to a resource property.
//
// Syntactic sugar for `addOverride("Properties.<...>", value)`.
AddPropertyOverride(propertyPath *string, value interface{})
// Sets the deletion policy of the resource based on the removal policy specified.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
// cases, a snapshot can be taken of the resource prior to deletion
// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
// can be found in the following link:.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
//
ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
// Returns a token for an runtime attribute of this resource.
//
// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
// in case there is no generated attribute.
GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
// Retrieve a value value from the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
GetMetadata(key *string) interface{}
// Examines the CloudFormation resource and discloses attributes.
Inspect(inspector awscdk.TreeInspector)
// Retrieves an array of resources this resource depends on.
//
// This assembles dependencies on resources across stacks (including nested stacks)
// automatically.
ObtainDependencies() *[]interface{}
// Get a shallow copy of dependencies between this resource and other resources in the same stack.
ObtainResourceDependencies() *[]awscdk.CfnResource
// Overrides the auto-generated logical ID with a specific ID.
OverrideLogicalId(newLogicalId *string)
// Indicates that this resource no longer depends on another resource.
//
// This can be used for resources across stacks (including nested stacks)
// and the dependency will automatically be removed from the relevant scope.
RemoveDependency(target awscdk.CfnResource)
RenderProperties(props *map[string]interface{}) *map[string]interface{}
// Replaces one dependency with another.
ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
//
// Returns: `true` if the resource should be included or `false` is the resource
// should be omitted.
ShouldSynthesize() *bool
// Returns a string representation of this construct.
//
// Returns: a string representation of this resource.
ToString() *string
ValidateProperties(_properties interface{})
}
The `AWS::SecurityHub::AutomationRule` resource specifies an automation rule based on input parameters.
For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var id interface{}
var updatedBy interface{}
cfnAutomationRule := awscdk.Aws_securityhub.NewCfnAutomationRule(this, jsii.String("MyCfnAutomationRule"), &CfnAutomationRuleProps{
Actions: []interface{}{
&AutomationRulesActionProperty{
FindingFieldsUpdate: &AutomationRulesFindingFieldsUpdateProperty{
Confidence: jsii.Number(123),
Criticality: jsii.Number(123),
Note: &NoteUpdateProperty{
Text: jsii.String("text"),
UpdatedBy: updatedBy,
},
RelatedFindings: []interface{}{
&RelatedFindingProperty{
Id: id,
ProductArn: jsii.String("productArn"),
},
},
Severity: &SeverityUpdateProperty{
Label: jsii.String("label"),
Normalized: jsii.Number(123),
Product: jsii.Number(123),
},
Types: []*string{
jsii.String("types"),
},
UserDefinedFields: map[string]*string{
"userDefinedFieldsKey": jsii.String("userDefinedFields"),
},
VerificationState: jsii.String("verificationState"),
Workflow: &WorkflowUpdateProperty{
Status: jsii.String("status"),
},
},
Type: jsii.String("type"),
},
},
Criteria: &AutomationRulesFindingFiltersProperty{
AwsAccountId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
CompanyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceAssociatedStandardsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Confidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
CreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
Criticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
Description: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FirstObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
GeneratorId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Id: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
LastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NoteUpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteUpdatedBy: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecordState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceDetailsOther: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourcePartition: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceRegion: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceTags: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Title: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Type: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
UpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
UserDefinedFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
VerificationState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
},
Description: jsii.String("description"),
IsTerminal: jsii.Boolean(false),
RuleName: jsii.String("ruleName"),
RuleOrder: jsii.Number(123),
RuleStatus: jsii.String("ruleStatus"),
Tags: map[string]*string{
"tagsKey": jsii.String("tags"),
},
})
func NewCfnAutomationRule ¶ added in v2.85.0
func NewCfnAutomationRule(scope constructs.Construct, id *string, props *CfnAutomationRuleProps) CfnAutomationRule
type CfnAutomationRuleProps ¶ added in v2.85.0
type CfnAutomationRuleProps struct {
// One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-automationrule.html#cfn-securityhub-automationrule-actions
//
Actions interface{} `field:"optional" json:"actions" yaml:"actions"`
// A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-automationrule.html#cfn-securityhub-automationrule-criteria
//
Criteria interface{} `field:"optional" json:"criteria" yaml:"criteria"`
// A description of the rule.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-automationrule.html#cfn-securityhub-automationrule-description
//
Description *string `field:"optional" json:"description" yaml:"description"`
// Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria.
//
// This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-automationrule.html#cfn-securityhub-automationrule-isterminal
//
IsTerminal interface{} `field:"optional" json:"isTerminal" yaml:"isTerminal"`
// The name of the rule.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-automationrule.html#cfn-securityhub-automationrule-rulename
//
RuleName *string `field:"optional" json:"ruleName" yaml:"ruleName"`
// An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings.
//
// Security Hub applies rules with lower values for this parameter first.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-automationrule.html#cfn-securityhub-automationrule-ruleorder
//
RuleOrder *float64 `field:"optional" json:"ruleOrder" yaml:"ruleOrder"`
// Whether the rule is active after it is created.
//
// If this parameter is equal to `ENABLED` , Security Hub applies the rule to findings and finding updates after the rule is created.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-automationrule.html#cfn-securityhub-automationrule-rulestatus
//
RuleStatus *string `field:"optional" json:"ruleStatus" yaml:"ruleStatus"`
// User-defined tags associated with an automation rule.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-automationrule.html#cfn-securityhub-automationrule-tags
//
Tags *map[string]*string `field:"optional" json:"tags" yaml:"tags"`
}
Properties for defining a `CfnAutomationRule`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var id interface{}
var updatedBy interface{}
cfnAutomationRuleProps := &CfnAutomationRuleProps{
Actions: []interface{}{
&AutomationRulesActionProperty{
FindingFieldsUpdate: &AutomationRulesFindingFieldsUpdateProperty{
Confidence: jsii.Number(123),
Criticality: jsii.Number(123),
Note: &NoteUpdateProperty{
Text: jsii.String("text"),
UpdatedBy: updatedBy,
},
RelatedFindings: []interface{}{
&RelatedFindingProperty{
Id: id,
ProductArn: jsii.String("productArn"),
},
},
Severity: &SeverityUpdateProperty{
Label: jsii.String("label"),
Normalized: jsii.Number(123),
Product: jsii.Number(123),
},
Types: []*string{
jsii.String("types"),
},
UserDefinedFields: map[string]*string{
"userDefinedFieldsKey": jsii.String("userDefinedFields"),
},
VerificationState: jsii.String("verificationState"),
Workflow: &WorkflowUpdateProperty{
Status: jsii.String("status"),
},
},
Type: jsii.String("type"),
},
},
Criteria: &AutomationRulesFindingFiltersProperty{
AwsAccountId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
CompanyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceAssociatedStandardsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Confidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
CreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
Criticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
Description: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FirstObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
GeneratorId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Id: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
LastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NoteUpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteUpdatedBy: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecordState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceDetailsOther: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourcePartition: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceRegion: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceTags: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Title: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Type: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
UpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
UserDefinedFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
VerificationState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
},
Description: jsii.String("description"),
IsTerminal: jsii.Boolean(false),
RuleName: jsii.String("ruleName"),
RuleOrder: jsii.Number(123),
RuleStatus: jsii.String("ruleStatus"),
Tags: map[string]*string{
"tagsKey": jsii.String("tags"),
},
}
type CfnAutomationRule_AutomationRulesActionProperty ¶ added in v2.85.0
type CfnAutomationRule_AutomationRulesActionProperty struct {
// Specifies that the automation rule action is an update to a finding field.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesaction.html#cfn-securityhub-automationrule-automationrulesaction-findingfieldsupdate
//
FindingFieldsUpdate interface{} `field:"required" json:"findingFieldsUpdate" yaml:"findingFieldsUpdate"`
// Specifies that the rule action should update the `Types` finding field.
//
// The `Types` finding field classifies findings in the format of namespace/category/classifier. For more information, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesaction.html#cfn-securityhub-automationrule-automationrulesaction-type
//
Type *string `field:"required" json:"type" yaml:"type"`
}
One or more actions to update finding fields if a finding matches the defined criteria of the rule.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var id interface{}
var updatedBy interface{}
automationRulesActionProperty := &AutomationRulesActionProperty{
FindingFieldsUpdate: &AutomationRulesFindingFieldsUpdateProperty{
Confidence: jsii.Number(123),
Criticality: jsii.Number(123),
Note: &NoteUpdateProperty{
Text: jsii.String("text"),
UpdatedBy: updatedBy,
},
RelatedFindings: []interface{}{
&RelatedFindingProperty{
Id: id,
ProductArn: jsii.String("productArn"),
},
},
Severity: &SeverityUpdateProperty{
Label: jsii.String("label"),
Normalized: jsii.Number(123),
Product: jsii.Number(123),
},
Types: []*string{
jsii.String("types"),
},
UserDefinedFields: map[string]*string{
"userDefinedFieldsKey": jsii.String("userDefinedFields"),
},
VerificationState: jsii.String("verificationState"),
Workflow: &WorkflowUpdateProperty{
Status: jsii.String("status"),
},
},
Type: jsii.String("type"),
}
type CfnAutomationRule_AutomationRulesFindingFieldsUpdateProperty ¶ added in v2.85.0
type CfnAutomationRule_AutomationRulesFindingFieldsUpdateProperty struct {
// The rule action updates the `Confidence` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-confidence
//
Confidence *float64 `field:"optional" json:"confidence" yaml:"confidence"`
// The rule action updates the `Criticality` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-criticality
//
Criticality *float64 `field:"optional" json:"criticality" yaml:"criticality"`
// The rule action will update the `Note` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-note
//
Note interface{} `field:"optional" json:"note" yaml:"note"`
// The rule action will update the `RelatedFindings` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-relatedfindings
//
RelatedFindings interface{} `field:"optional" json:"relatedFindings" yaml:"relatedFindings"`
// The rule action will update the `Severity` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-severity
//
Severity interface{} `field:"optional" json:"severity" yaml:"severity"`
// The rule action updates the `Types` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-types
//
Types *[]*string `field:"optional" json:"types" yaml:"types"`
// The rule action updates the `UserDefinedFields` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-userdefinedfields
//
UserDefinedFields interface{} `field:"optional" json:"userDefinedFields" yaml:"userDefinedFields"`
// The rule action updates the `VerificationState` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-verificationstate
//
VerificationState *string `field:"optional" json:"verificationState" yaml:"verificationState"`
// The rule action will update the `Workflow` field of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfieldsupdate.html#cfn-securityhub-automationrule-automationrulesfindingfieldsupdate-workflow
//
Workflow interface{} `field:"optional" json:"workflow" yaml:"workflow"`
}
Identifies the finding fields that the automation rule action updates when a finding matches the defined criteria.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var id interface{}
var updatedBy interface{}
automationRulesFindingFieldsUpdateProperty := &AutomationRulesFindingFieldsUpdateProperty{
Confidence: jsii.Number(123),
Criticality: jsii.Number(123),
Note: &NoteUpdateProperty{
Text: jsii.String("text"),
UpdatedBy: updatedBy,
},
RelatedFindings: []interface{}{
&RelatedFindingProperty{
Id: id,
ProductArn: jsii.String("productArn"),
},
},
Severity: &SeverityUpdateProperty{
Label: jsii.String("label"),
Normalized: jsii.Number(123),
Product: jsii.Number(123),
},
Types: []*string{
jsii.String("types"),
},
UserDefinedFields: map[string]*string{
"userDefinedFieldsKey": jsii.String("userDefinedFields"),
},
VerificationState: jsii.String("verificationState"),
Workflow: &WorkflowUpdateProperty{
Status: jsii.String("status"),
},
}
type CfnAutomationRule_AutomationRulesFindingFiltersProperty ¶ added in v2.85.0
type CfnAutomationRule_AutomationRulesFindingFiltersProperty struct {
// The AWS account ID in which a finding was generated.
//
// Array Members: Minimum number of 1 item. Maximum number of 100 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-awsaccountid
//
AwsAccountId interface{} `field:"optional" json:"awsAccountId" yaml:"awsAccountId"`
// The name of the company for the product that generated the finding.
//
// For control-based findings, the company is AWS .
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-companyname
//
CompanyName interface{} `field:"optional" json:"companyName" yaml:"companyName"`
// The unique identifier of a standard in which a control is enabled.
//
// This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-complianceassociatedstandardsid
//
ComplianceAssociatedStandardsId interface{} `field:"optional" json:"complianceAssociatedStandardsId" yaml:"complianceAssociatedStandardsId"`
// The security control ID for which a finding was generated. Security control IDs are the same across standards.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-compliancesecuritycontrolid
//
ComplianceSecurityControlId interface{} `field:"optional" json:"complianceSecurityControlId" yaml:"complianceSecurityControlId"`
// The result of a security check. This field is only used for findings generated from controls.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-compliancestatus
//
ComplianceStatus interface{} `field:"optional" json:"complianceStatus" yaml:"complianceStatus"`
// The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
//
// `Confidence` is scored on a 0–100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-confidence
//
Confidence interface{} `field:"optional" json:"confidence" yaml:"confidence"`
// A timestamp that indicates when this finding record was created.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-createdat
//
CreatedAt interface{} `field:"optional" json:"createdAt" yaml:"createdAt"`
// The level of importance that is assigned to the resources that are associated with a finding.
//
// `Criticality` is scored on a 0–100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-criticality
//
Criticality interface{} `field:"optional" json:"criticality" yaml:"criticality"`
// A finding's description.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-description
//
Description interface{} `field:"optional" json:"description" yaml:"description"`
// A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-firstobservedat
//
FirstObservedAt interface{} `field:"optional" json:"firstObservedAt" yaml:"firstObservedAt"`
// The identifier for the solution-specific component that generated a finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 100 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-generatorid
//
GeneratorId interface{} `field:"optional" json:"generatorId" yaml:"generatorId"`
// The product-specific identifier for a finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-id
//
Id interface{} `field:"optional" json:"id" yaml:"id"`
// A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-lastobservedat
//
LastObservedAt interface{} `field:"optional" json:"lastObservedAt" yaml:"lastObservedAt"`
// The text of a user-defined note that's added to a finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-notetext
//
NoteText interface{} `field:"optional" json:"noteText" yaml:"noteText"`
// The timestamp of when the note was updated.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-noteupdatedat
//
NoteUpdatedAt interface{} `field:"optional" json:"noteUpdatedAt" yaml:"noteUpdatedAt"`
// The principal that created a note.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-noteupdatedby
//
NoteUpdatedBy interface{} `field:"optional" json:"noteUpdatedBy" yaml:"noteUpdatedBy"`
// The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-productarn
//
ProductArn interface{} `field:"optional" json:"productArn" yaml:"productArn"`
// Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-productname
//
ProductName interface{} `field:"optional" json:"productName" yaml:"productName"`
// Provides the current state of a finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-recordstate
//
RecordState interface{} `field:"optional" json:"recordState" yaml:"recordState"`
// The product-generated identifier for a related finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-relatedfindingsid
//
RelatedFindingsId interface{} `field:"optional" json:"relatedFindingsId" yaml:"relatedFindingsId"`
// The ARN for the product that generated a related finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-relatedfindingsproductarn
//
RelatedFindingsProductArn interface{} `field:"optional" json:"relatedFindingsProductArn" yaml:"relatedFindingsProductArn"`
// Custom fields and values about the resource that a finding pertains to.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-resourcedetailsother
//
ResourceDetailsOther interface{} `field:"optional" json:"resourceDetailsOther" yaml:"resourceDetailsOther"`
// The identifier for the given resource type.
//
// For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.
//
// Array Members: Minimum number of 1 item. Maximum number of 100 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-resourceid
//
ResourceId interface{} `field:"optional" json:"resourceId" yaml:"resourceId"`
// The partition in which the resource that the finding pertains to is located.
//
// A partition is a group of AWS Regions . Each AWS account is scoped to one partition.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-resourcepartition
//
ResourcePartition interface{} `field:"optional" json:"resourcePartition" yaml:"resourcePartition"`
// The AWS Region where the resource that a finding pertains to is located.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-resourceregion
//
ResourceRegion interface{} `field:"optional" json:"resourceRegion" yaml:"resourceRegion"`
// A list of AWS tags associated with a resource at the time the finding was processed.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-resourcetags
//
ResourceTags interface{} `field:"optional" json:"resourceTags" yaml:"resourceTags"`
// A finding's title.
//
// Array Members: Minimum number of 1 item. Maximum number of 100 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-resourcetype
//
ResourceType interface{} `field:"optional" json:"resourceType" yaml:"resourceType"`
// The severity value of the finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-severitylabel
//
SeverityLabel interface{} `field:"optional" json:"severityLabel" yaml:"severityLabel"`
// Provides a URL that links to a page about the current finding in the finding product.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-sourceurl
//
SourceUrl interface{} `field:"optional" json:"sourceUrl" yaml:"sourceUrl"`
// A finding's title.
//
// Array Members: Minimum number of 1 item. Maximum number of 100 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-title
//
Title interface{} `field:"optional" json:"title" yaml:"title"`
// One or more finding types in the format of namespace/category/classifier that classify a finding.
//
// For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-type
//
Type interface{} `field:"optional" json:"type" yaml:"type"`
// A timestamp that indicates when the finding record was most recently updated.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-updatedat
//
UpdatedAt interface{} `field:"optional" json:"updatedAt" yaml:"updatedAt"`
// A list of user-defined name and value string pairs added to a finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-userdefinedfields
//
UserDefinedFields interface{} `field:"optional" json:"userDefinedFields" yaml:"userDefinedFields"`
// Provides the veracity of a finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-verificationstate
//
VerificationState interface{} `field:"optional" json:"verificationState" yaml:"verificationState"`
// Provides information about the status of the investigation into a finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-automationrulesfindingfilters.html#cfn-securityhub-automationrule-automationrulesfindingfilters-workflowstatus
//
WorkflowStatus interface{} `field:"optional" json:"workflowStatus" yaml:"workflowStatus"`
}
The criteria that determine which findings a rule applies to.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
automationRulesFindingFiltersProperty := &AutomationRulesFindingFiltersProperty{
AwsAccountId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
CompanyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceAssociatedStandardsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Confidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
CreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
Criticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
Description: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FirstObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
GeneratorId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Id: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
LastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NoteUpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteUpdatedBy: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecordState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceDetailsOther: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourcePartition: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceRegion: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceTags: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Title: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Type: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
UpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
UserDefinedFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
VerificationState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
}
type CfnAutomationRule_DateFilterProperty ¶ added in v2.85.0
type CfnAutomationRule_DateFilterProperty struct {
// A date range for the date filter.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-datefilter.html#cfn-securityhub-automationrule-datefilter-daterange
//
DateRange interface{} `field:"optional" json:"dateRange" yaml:"dateRange"`
// A timestamp that provides the end date for the date filter.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-datefilter.html#cfn-securityhub-automationrule-datefilter-end
//
End *string `field:"optional" json:"end" yaml:"end"`
// A timestamp that provides the start date for the date filter.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-datefilter.html#cfn-securityhub-automationrule-datefilter-start
//
Start *string `field:"optional" json:"start" yaml:"start"`
}
A date filter for querying findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
dateFilterProperty := &DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
}
type CfnAutomationRule_DateRangeProperty ¶ added in v2.85.0
type CfnAutomationRule_DateRangeProperty struct {
// A date range unit for the date filter.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-daterange.html#cfn-securityhub-automationrule-daterange-unit
//
Unit *string `field:"required" json:"unit" yaml:"unit"`
// A date range value for the date filter.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-daterange.html#cfn-securityhub-automationrule-daterange-value
//
Value *float64 `field:"required" json:"value" yaml:"value"`
}
A date range for the date filter.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
dateRangeProperty := &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
}
type CfnAutomationRule_MapFilterProperty ¶ added in v2.85.0
type CfnAutomationRule_MapFilterProperty struct {
// The condition to apply to the key value when filtering Security Hub findings with a map filter.
//
// To search for values that have the filter value, use one of the following comparison operators:
//
// - To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.
// - To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.
//
// `CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.
//
// To search for values that don't have the filter value, use one of the following comparison operators:
//
// - To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.
// - To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don’t have the value `Finance` for the `Department` tag.
//
// `NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.
//
// `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.
//
// You can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can’t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.
//
// `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-mapfilter.html#cfn-securityhub-automationrule-mapfilter-comparison
//
Comparison *string `field:"required" json:"comparison" yaml:"comparison"`
// The key of the map filter.
//
// For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-mapfilter.html#cfn-securityhub-automationrule-mapfilter-key
//
Key *string `field:"required" json:"key" yaml:"key"`
// The value for the key in the map filter.
//
// Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-mapfilter.html#cfn-securityhub-automationrule-mapfilter-value
//
Value *string `field:"required" json:"value" yaml:"value"`
}
A map filter for filtering AWS Security Hub findings.
Each map filter provides the field to check for, the value to check for, and the comparison operator.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
mapFilterProperty := &MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
}
type CfnAutomationRule_NoteUpdateProperty ¶ added in v2.85.0
type CfnAutomationRule_NoteUpdateProperty struct {
// The updated note text.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-noteupdate.html#cfn-securityhub-automationrule-noteupdate-text
//
Text *string `field:"required" json:"text" yaml:"text"`
// The principal that updated the note.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-noteupdate.html#cfn-securityhub-automationrule-noteupdate-updatedby
//
UpdatedBy interface{} `field:"required" json:"updatedBy" yaml:"updatedBy"`
}
The updated note.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var updatedBy interface{}
noteUpdateProperty := &NoteUpdateProperty{
Text: jsii.String("text"),
UpdatedBy: updatedBy,
}
type CfnAutomationRule_NumberFilterProperty ¶ added in v2.85.0
type CfnAutomationRule_NumberFilterProperty struct {
// The equal-to condition to be applied to a single field when querying for findings.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-numberfilter.html#cfn-securityhub-automationrule-numberfilter-eq
//
Eq *float64 `field:"optional" json:"eq" yaml:"eq"`
// The greater-than-equal condition to be applied to a single field when querying for findings.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-numberfilter.html#cfn-securityhub-automationrule-numberfilter-gte
//
Gte *float64 `field:"optional" json:"gte" yaml:"gte"`
// The less-than-equal condition to be applied to a single field when querying for findings.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-numberfilter.html#cfn-securityhub-automationrule-numberfilter-lte
//
Lte *float64 `field:"optional" json:"lte" yaml:"lte"`
}
A number filter for querying findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
numberFilterProperty := &NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
}
type CfnAutomationRule_RelatedFindingProperty ¶ added in v2.85.0
type CfnAutomationRule_RelatedFindingProperty struct {
// The product-generated identifier for a related finding.
//
// Array Members: Minimum number of 1 item. Maximum number of 20 items.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-relatedfinding.html#cfn-securityhub-automationrule-relatedfinding-id
//
Id interface{} `field:"required" json:"id" yaml:"id"`
// The Amazon Resource Name (ARN) for the product that generated a related finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-relatedfinding.html#cfn-securityhub-automationrule-relatedfinding-productarn
//
ProductArn *string `field:"required" json:"productArn" yaml:"productArn"`
}
Provides details about a list of findings that the current finding relates to.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var id interface{}
relatedFindingProperty := &RelatedFindingProperty{
Id: id,
ProductArn: jsii.String("productArn"),
}
type CfnAutomationRule_SeverityUpdateProperty ¶ added in v2.85.0
type CfnAutomationRule_SeverityUpdateProperty struct {
// The severity value of the finding. The allowed values are the following.
//
// - `INFORMATIONAL` - No issue was found.
// - `LOW` - The issue does not require action on its own.
// - `MEDIUM` - The issue must be addressed but not urgently.
// - `HIGH` - The issue must be addressed as a priority.
// - `CRITICAL` - The issue must be remediated immediately to avoid it escalating.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-severityupdate.html#cfn-securityhub-automationrule-severityupdate-label
//
Label *string `field:"optional" json:"label" yaml:"label"`
// The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .
//
// If you provide `Normalized` and do not provide `Label` , `Label` is set automatically as follows.
//
// - 0 - `INFORMATIONAL`
// - 1–39 - `LOW`
// - 40–69 - `MEDIUM`
// - 70–89 - `HIGH`
// - 90–100 - `CRITICAL`.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-severityupdate.html#cfn-securityhub-automationrule-severityupdate-normalized
//
Normalized *float64 `field:"optional" json:"normalized" yaml:"normalized"`
// The native severity as defined by the AWS service or integrated partner product that generated the finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-severityupdate.html#cfn-securityhub-automationrule-severityupdate-product
//
Product *float64 `field:"optional" json:"product" yaml:"product"`
}
Updates to the severity information for a finding.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
severityUpdateProperty := &SeverityUpdateProperty{
Label: jsii.String("label"),
Normalized: jsii.Number(123),
Product: jsii.Number(123),
}
type CfnAutomationRule_StringFilterProperty ¶ added in v2.85.0
type CfnAutomationRule_StringFilterProperty struct {
// The condition to apply to a string value when filtering Security Hub findings.
//
// To search for values that have the filter value, use one of the following comparison operators:
//
// - To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.
// - To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .
// - To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.
//
// `CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.
//
// To search for values that don’t have the filter value, use one of the following comparison operators:
//
// - To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.
// - To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .
// - To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .
//
// `NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.
//
// You can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.
//
// You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.
//
// For example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .
//
// - `ResourceType PREFIX AwsIam`
// - `ResourceType PREFIX AwsEc2`
// - `ResourceType NOT_EQUALS AwsIamPolicy`
// - `ResourceType NOT_EQUALS AwsEc2NetworkInterface`
//
// `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-stringfilter.html#cfn-securityhub-automationrule-stringfilter-comparison
//
Comparison *string `field:"required" json:"comparison" yaml:"comparison"`
// The string filter value.
//
// Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-stringfilter.html#cfn-securityhub-automationrule-stringfilter-value
//
Value *string `field:"required" json:"value" yaml:"value"`
}
A string filter for filtering AWS Security Hub findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
stringFilterProperty := &StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
}
type CfnAutomationRule_WorkflowUpdateProperty ¶ added in v2.85.0
type CfnAutomationRule_WorkflowUpdateProperty struct {
// The status of the investigation into the finding.
//
// The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.
//
// The allowed values are the following.
//
// - `NEW` - The initial state of a finding, before it is reviewed.
//
// Security Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:
//
// - The record state changes from `ARCHIVED` to `ACTIVE` .
// - The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .
// - `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.
// - `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.
// - `SUPPRESSED` - Indicates that you reviewed the finding and do not believe that any action is needed. The finding is no longer updated.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-workflowupdate.html#cfn-securityhub-automationrule-workflowupdate-status
//
Status *string `field:"required" json:"status" yaml:"status"`
}
Used to update information about the investigation into the finding.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
workflowUpdateProperty := &WorkflowUpdateProperty{
Status: jsii.String("status"),
}
type CfnDelegatedAdmin ¶ added in v2.138.0
type CfnDelegatedAdmin interface {
awscdk.CfnResource
awscdk.IInspectable
// The AWS account identifier of the account to designate as the Security Hub administrator account.
AdminAccountId() *string
SetAdminAccountId(val *string)
// The ID of the delegated Security Hub administrator account, in the format of `accountID/Region` .
AttrDelegatedAdminIdentifier() *string
// Whether the delegated Security Hub administrator is set for the organization.
AttrStatus() *string
// Options for this resource, such as condition, update policy etc.
CfnOptions() awscdk.ICfnResourceOptions
CfnProperties() *map[string]interface{}
// AWS resource type.
CfnResourceType() *string
// Returns: the stack trace of the point where this Resource was created from, sourced
// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
// node +internal+ entries filtered.
CreationStack() *[]*string
// The logical ID for this CloudFormation stack element.
//
// The logical ID of the element
// is calculated from the path of the resource node in the construct tree.
//
// To override this value, use `overrideLogicalId(newLogicalId)`.
//
// Returns: the logical ID as a stringified token. This value will only get
// resolved during synthesis.
LogicalId() *string
// The tree node.
Node() constructs.Node
// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
//
// If, by any chance, the intrinsic reference of a resource is not a string, you could
// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
Ref() *string
// The stack in which this element is defined.
//
// CfnElements must be defined within a stack scope (directly or indirectly).
Stack() awscdk.Stack
// Deprecated.
// Deprecated: use `updatedProperties`
//
// Return properties modified after initiation
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperites() *map[string]interface{}
// Return properties modified after initiation.
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperties() *map[string]interface{}
// Syntactic sugar for `addOverride(path, undefined)`.
AddDeletionOverride(path *string)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
//
// This can be used for resources across stacks (or nested stack) boundaries
// and the dependency will automatically be transferred to the relevant scope.
AddDependency(target awscdk.CfnResource)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
// Deprecated: use addDependency.
AddDependsOn(target awscdk.CfnResource)
// Add a value to the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
AddMetadata(key *string, value interface{})
// Adds an override to the synthesized CloudFormation resource.
//
// To add a
// property override, either use `addPropertyOverride` or prefix `path` with
// "Properties." (i.e. `Properties.TopicName`).
//
// If the override is nested, separate each nested level using a dot (.) in the path parameter.
// If there is an array as part of the nesting, specify the index in the path.
//
// To include a literal `.` in the property name, prefix with a `\`. In most
// programming languages you will need to write this as `"\\."` because the
// `\` itself will need to be escaped.
//
// For example,
// “`typescript
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
// “`
// would add the overrides
// “`json
// "Properties": {
// "GlobalSecondaryIndexes": [
// {
// "Projection": {
// "NonKeyAttributes": [ "myattribute" ]
// ...
// }
// ...
// },
// {
// "ProjectionType": "INCLUDE"
// ...
// },
// ]
// ...
// }
// “`
//
// The `value` argument to `addOverride` will not be processed or translated
// in any way. Pass raw JSON values in here with the correct capitalization
// for CloudFormation. If you pass CDK classes or structs, they will be
// rendered with lowercased key names, and CloudFormation will reject the
// template.
AddOverride(path *string, value interface{})
// Adds an override that deletes the value of a property from the resource definition.
AddPropertyDeletionOverride(propertyPath *string)
// Adds an override to a resource property.
//
// Syntactic sugar for `addOverride("Properties.<...>", value)`.
AddPropertyOverride(propertyPath *string, value interface{})
// Sets the deletion policy of the resource based on the removal policy specified.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
// cases, a snapshot can be taken of the resource prior to deletion
// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
// can be found in the following link:.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
//
ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
// Returns a token for an runtime attribute of this resource.
//
// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
// in case there is no generated attribute.
GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
// Retrieve a value value from the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
GetMetadata(key *string) interface{}
// Examines the CloudFormation resource and discloses attributes.
Inspect(inspector awscdk.TreeInspector)
// Retrieves an array of resources this resource depends on.
//
// This assembles dependencies on resources across stacks (including nested stacks)
// automatically.
ObtainDependencies() *[]interface{}
// Get a shallow copy of dependencies between this resource and other resources in the same stack.
ObtainResourceDependencies() *[]awscdk.CfnResource
// Overrides the auto-generated logical ID with a specific ID.
OverrideLogicalId(newLogicalId *string)
// Indicates that this resource no longer depends on another resource.
//
// This can be used for resources across stacks (including nested stacks)
// and the dependency will automatically be removed from the relevant scope.
RemoveDependency(target awscdk.CfnResource)
RenderProperties(props *map[string]interface{}) *map[string]interface{}
// Replaces one dependency with another.
ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
//
// Returns: `true` if the resource should be included or `false` is the resource
// should be omitted.
ShouldSynthesize() *bool
// Returns a string representation of this construct.
//
// Returns: a string representation of this resource.
ToString() *string
ValidateProperties(_properties interface{})
}
The `AWS::SecurityHub::DelegatedAdmin` resource designates the delegated AWS Security Hub administrator account for an organization.
You must enable the integration between Security Hub and AWS Organizations before you can designate a delegated Security Hub administrator. Only the management account for an organization can designate the delegated Security Hub administrator account. For more information, see [Designating the delegated Security Hub administrator](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html#designate-admin-instructions) in the *AWS Security Hub User Guide* .
To change the delegated administrator account, remove the current delegated administrator account, and then designate the new account.
To designate multiple delegated administrators in different organizations and AWS Regions , we recommend using [AWS CloudFormation mappings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html) .
Tags aren't supported for this resource.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
cfnDelegatedAdmin := awscdk.Aws_securityhub.NewCfnDelegatedAdmin(this, jsii.String("MyCfnDelegatedAdmin"), &CfnDelegatedAdminProps{
AdminAccountId: jsii.String("adminAccountId"),
})
func NewCfnDelegatedAdmin ¶ added in v2.138.0
func NewCfnDelegatedAdmin(scope constructs.Construct, id *string, props *CfnDelegatedAdminProps) CfnDelegatedAdmin
type CfnDelegatedAdminProps ¶ added in v2.138.0
type CfnDelegatedAdminProps struct {
// The AWS account identifier of the account to designate as the Security Hub administrator account.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-delegatedadmin.html#cfn-securityhub-delegatedadmin-adminaccountid
//
AdminAccountId *string `field:"required" json:"adminAccountId" yaml:"adminAccountId"`
}
Properties for defining a `CfnDelegatedAdmin`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
cfnDelegatedAdminProps := &CfnDelegatedAdminProps{
AdminAccountId: jsii.String("adminAccountId"),
}
type CfnHub ¶
type CfnHub interface {
awscdk.CfnResource
awscdk.IInspectable
awscdk.ITaggable
// The Amazon Resource Name (ARN) of the `Hub` resource that was retrieved.
AttrArn() *string
// The date and time when Security Hub was enabled in your account.
AttrSubscribedAt() *string
// Whether to automatically enable new controls when they are added to standards that are enabled.
AutoEnableControls() interface{}
SetAutoEnableControls(val interface{})
// Options for this resource, such as condition, update policy etc.
CfnOptions() awscdk.ICfnResourceOptions
CfnProperties() *map[string]interface{}
// AWS resource type.
CfnResourceType() *string
// Specifies whether an account has consolidated control findings turned on or off.
ControlFindingGenerator() *string
SetControlFindingGenerator(val *string)
// Returns: the stack trace of the point where this Resource was created from, sourced
// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
// node +internal+ entries filtered.
CreationStack() *[]*string
// Whether to enable the security standards that Security Hub has designated as automatically enabled.
EnableDefaultStandards() interface{}
SetEnableDefaultStandards(val interface{})
// The logical ID for this CloudFormation stack element.
//
// The logical ID of the element
// is calculated from the path of the resource node in the construct tree.
//
// To override this value, use `overrideLogicalId(newLogicalId)`.
//
// Returns: the logical ID as a stringified token. This value will only get
// resolved during synthesis.
LogicalId() *string
// The tree node.
Node() constructs.Node
// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
//
// If, by any chance, the intrinsic reference of a resource is not a string, you could
// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
Ref() *string
// The stack in which this element is defined.
//
// CfnElements must be defined within a stack scope (directly or indirectly).
Stack() awscdk.Stack
// Tag Manager which manages the tags for this resource.
Tags() awscdk.TagManager
// An array of key-value pairs to apply to this resource.
TagsRaw() interface{}
SetTagsRaw(val interface{})
// Deprecated.
// Deprecated: use `updatedProperties`
//
// Return properties modified after initiation
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperites() *map[string]interface{}
// Return properties modified after initiation.
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperties() *map[string]interface{}
// Syntactic sugar for `addOverride(path, undefined)`.
AddDeletionOverride(path *string)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
//
// This can be used for resources across stacks (or nested stack) boundaries
// and the dependency will automatically be transferred to the relevant scope.
AddDependency(target awscdk.CfnResource)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
// Deprecated: use addDependency.
AddDependsOn(target awscdk.CfnResource)
// Add a value to the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
AddMetadata(key *string, value interface{})
// Adds an override to the synthesized CloudFormation resource.
//
// To add a
// property override, either use `addPropertyOverride` or prefix `path` with
// "Properties." (i.e. `Properties.TopicName`).
//
// If the override is nested, separate each nested level using a dot (.) in the path parameter.
// If there is an array as part of the nesting, specify the index in the path.
//
// To include a literal `.` in the property name, prefix with a `\`. In most
// programming languages you will need to write this as `"\\."` because the
// `\` itself will need to be escaped.
//
// For example,
// “`typescript
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
// “`
// would add the overrides
// “`json
// "Properties": {
// "GlobalSecondaryIndexes": [
// {
// "Projection": {
// "NonKeyAttributes": [ "myattribute" ]
// ...
// }
// ...
// },
// {
// "ProjectionType": "INCLUDE"
// ...
// },
// ]
// ...
// }
// “`
//
// The `value` argument to `addOverride` will not be processed or translated
// in any way. Pass raw JSON values in here with the correct capitalization
// for CloudFormation. If you pass CDK classes or structs, they will be
// rendered with lowercased key names, and CloudFormation will reject the
// template.
AddOverride(path *string, value interface{})
// Adds an override that deletes the value of a property from the resource definition.
AddPropertyDeletionOverride(propertyPath *string)
// Adds an override to a resource property.
//
// Syntactic sugar for `addOverride("Properties.<...>", value)`.
AddPropertyOverride(propertyPath *string, value interface{})
// Sets the deletion policy of the resource based on the removal policy specified.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
// cases, a snapshot can be taken of the resource prior to deletion
// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
// can be found in the following link:.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
//
ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
// Returns a token for an runtime attribute of this resource.
//
// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
// in case there is no generated attribute.
GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
// Retrieve a value value from the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
GetMetadata(key *string) interface{}
// Examines the CloudFormation resource and discloses attributes.
Inspect(inspector awscdk.TreeInspector)
// Retrieves an array of resources this resource depends on.
//
// This assembles dependencies on resources across stacks (including nested stacks)
// automatically.
ObtainDependencies() *[]interface{}
// Get a shallow copy of dependencies between this resource and other resources in the same stack.
ObtainResourceDependencies() *[]awscdk.CfnResource
// Overrides the auto-generated logical ID with a specific ID.
OverrideLogicalId(newLogicalId *string)
// Indicates that this resource no longer depends on another resource.
//
// This can be used for resources across stacks (including nested stacks)
// and the dependency will automatically be removed from the relevant scope.
RemoveDependency(target awscdk.CfnResource)
RenderProperties(props *map[string]interface{}) *map[string]interface{}
// Replaces one dependency with another.
ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
//
// Returns: `true` if the resource should be included or `false` is the resource
// should be omitted.
ShouldSynthesize() *bool
// Returns a string representation of this construct.
//
// Returns: a string representation of this resource.
ToString() *string
ValidateProperties(_properties interface{})
}
The `AWS::SecurityHub::Hub` resource specifies the enablement of the AWS Security Hub service in your AWS account .
The service is enabled in the current AWS Region or the specified Region. You create a separate `Hub` resource in each Region in which you want to enable Security Hub .
When you use this resource to enable Security Hub , default security standards are enabled. To disable default standards, set the `EnableDefaultStandards` property to `false` . You can use the [`AWS::SecurityHub::Standard`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html) resource to enable additional standards.
When you use this resource to enable Security Hub , new controls are automatically enabled for your enabled standards. To disable automatic enablement of new controls, set the `AutoEnableControls` property to `false` .
You must create an `AWS::SecurityHub::Hub` resource for an account before you can create other types of Security Hub resources for the account through AWS CloudFormation . Use a [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , such as `"DependsOn": "Hub"` , to ensure that you've created an `AWS::SecurityHub::Hub` resource before creating other Security Hub resources for an account.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var tags interface{}
cfnHub := awscdk.Aws_securityhub.NewCfnHub(this, jsii.String("MyCfnHub"), &CfnHubProps{
AutoEnableControls: jsii.Boolean(false),
ControlFindingGenerator: jsii.String("controlFindingGenerator"),
EnableDefaultStandards: jsii.Boolean(false),
Tags: tags,
})
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-hub.html
func NewCfnHub ¶
func NewCfnHub(scope constructs.Construct, id *string, props *CfnHubProps) CfnHub
type CfnHubProps ¶
type CfnHubProps struct {
// Whether to automatically enable new controls when they are added to standards that are enabled.
//
// By default, this is set to `true` , and new controls are enabled automatically. To not automatically enable new controls, set this to `false` .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-hub.html#cfn-securityhub-hub-autoenablecontrols
//
AutoEnableControls interface{} `field:"optional" json:"autoEnableControls" yaml:"autoEnableControls"`
// Specifies whether an account has consolidated control findings turned on or off.
//
// If the value for this field is set to `SECURITY_CONTROL` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.
//
// If the value for this field is set to `STANDARD_CONTROL` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.
//
// The value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is `SECURITY_CONTROL` if you enabled Security Hub on or after February 23, 2023.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-hub.html#cfn-securityhub-hub-controlfindinggenerator
//
ControlFindingGenerator *string `field:"optional" json:"controlFindingGenerator" yaml:"controlFindingGenerator"`
// Whether to enable the security standards that Security Hub has designated as automatically enabled.
//
// If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .
//
// Currently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-hub.html#cfn-securityhub-hub-enabledefaultstandards
//
EnableDefaultStandards interface{} `field:"optional" json:"enableDefaultStandards" yaml:"enableDefaultStandards"`
// An array of key-value pairs to apply to this resource.
//
// For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-hub.html#cfn-securityhub-hub-tags
//
Tags interface{} `field:"optional" json:"tags" yaml:"tags"`
}
Properties for defining a `CfnHub`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var tags interface{}
cfnHubProps := &CfnHubProps{
AutoEnableControls: jsii.Boolean(false),
ControlFindingGenerator: jsii.String("controlFindingGenerator"),
EnableDefaultStandards: jsii.Boolean(false),
Tags: tags,
}
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-hub.html
type CfnInsight ¶ added in v2.138.0
type CfnInsight interface {
awscdk.CfnResource
awscdk.IInspectable
// The ARN of a Security Hub insight.
AttrInsightArn() *string
// Options for this resource, such as condition, update policy etc.
CfnOptions() awscdk.ICfnResourceOptions
CfnProperties() *map[string]interface{}
// AWS resource type.
CfnResourceType() *string
// Returns: the stack trace of the point where this Resource was created from, sourced
// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
// node +internal+ entries filtered.
CreationStack() *[]*string
// One or more attributes used to filter the findings included in the insight.
Filters() interface{}
SetFilters(val interface{})
// The grouping attribute for the insight's findings.
GroupByAttribute() *string
SetGroupByAttribute(val *string)
// The logical ID for this CloudFormation stack element.
//
// The logical ID of the element
// is calculated from the path of the resource node in the construct tree.
//
// To override this value, use `overrideLogicalId(newLogicalId)`.
//
// Returns: the logical ID as a stringified token. This value will only get
// resolved during synthesis.
LogicalId() *string
// The name of a Security Hub insight.
Name() *string
SetName(val *string)
// The tree node.
Node() constructs.Node
// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
//
// If, by any chance, the intrinsic reference of a resource is not a string, you could
// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
Ref() *string
// The stack in which this element is defined.
//
// CfnElements must be defined within a stack scope (directly or indirectly).
Stack() awscdk.Stack
// Deprecated.
// Deprecated: use `updatedProperties`
//
// Return properties modified after initiation
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperites() *map[string]interface{}
// Return properties modified after initiation.
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperties() *map[string]interface{}
// Syntactic sugar for `addOverride(path, undefined)`.
AddDeletionOverride(path *string)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
//
// This can be used for resources across stacks (or nested stack) boundaries
// and the dependency will automatically be transferred to the relevant scope.
AddDependency(target awscdk.CfnResource)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
// Deprecated: use addDependency.
AddDependsOn(target awscdk.CfnResource)
// Add a value to the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
AddMetadata(key *string, value interface{})
// Adds an override to the synthesized CloudFormation resource.
//
// To add a
// property override, either use `addPropertyOverride` or prefix `path` with
// "Properties." (i.e. `Properties.TopicName`).
//
// If the override is nested, separate each nested level using a dot (.) in the path parameter.
// If there is an array as part of the nesting, specify the index in the path.
//
// To include a literal `.` in the property name, prefix with a `\`. In most
// programming languages you will need to write this as `"\\."` because the
// `\` itself will need to be escaped.
//
// For example,
// “`typescript
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
// “`
// would add the overrides
// “`json
// "Properties": {
// "GlobalSecondaryIndexes": [
// {
// "Projection": {
// "NonKeyAttributes": [ "myattribute" ]
// ...
// }
// ...
// },
// {
// "ProjectionType": "INCLUDE"
// ...
// },
// ]
// ...
// }
// “`
//
// The `value` argument to `addOverride` will not be processed or translated
// in any way. Pass raw JSON values in here with the correct capitalization
// for CloudFormation. If you pass CDK classes or structs, they will be
// rendered with lowercased key names, and CloudFormation will reject the
// template.
AddOverride(path *string, value interface{})
// Adds an override that deletes the value of a property from the resource definition.
AddPropertyDeletionOverride(propertyPath *string)
// Adds an override to a resource property.
//
// Syntactic sugar for `addOverride("Properties.<...>", value)`.
AddPropertyOverride(propertyPath *string, value interface{})
// Sets the deletion policy of the resource based on the removal policy specified.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
// cases, a snapshot can be taken of the resource prior to deletion
// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
// can be found in the following link:.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
//
ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
// Returns a token for an runtime attribute of this resource.
//
// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
// in case there is no generated attribute.
GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
// Retrieve a value value from the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
GetMetadata(key *string) interface{}
// Examines the CloudFormation resource and discloses attributes.
Inspect(inspector awscdk.TreeInspector)
// Retrieves an array of resources this resource depends on.
//
// This assembles dependencies on resources across stacks (including nested stacks)
// automatically.
ObtainDependencies() *[]interface{}
// Get a shallow copy of dependencies between this resource and other resources in the same stack.
ObtainResourceDependencies() *[]awscdk.CfnResource
// Overrides the auto-generated logical ID with a specific ID.
OverrideLogicalId(newLogicalId *string)
// Indicates that this resource no longer depends on another resource.
//
// This can be used for resources across stacks (including nested stacks)
// and the dependency will automatically be removed from the relevant scope.
RemoveDependency(target awscdk.CfnResource)
RenderProperties(props *map[string]interface{}) *map[string]interface{}
// Replaces one dependency with another.
ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
//
// Returns: `true` if the resource should be included or `false` is the resource
// should be omitted.
ShouldSynthesize() *bool
// Returns a string representation of this construct.
//
// Returns: a string representation of this resource.
ToString() *string
ValidateProperties(_properties interface{})
}
The `AWS::SecurityHub::Insight` resource creates a custom insight in AWS Security Hub .
An insight is a collection of findings that relate to a security issue that requires attention or remediation. For more information, see [Insights in AWS Security Hub](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-insights.html) in the *AWS Security Hub User Guide* .
Tags aren't supported for this resource.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
cfnInsight := awscdk.Aws_securityhub.NewCfnInsight(this, jsii.String("MyCfnInsight"), &CfnInsightProps{
Filters: &AwsSecurityFindingFiltersProperty{
AwsAccountId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
AwsAccountName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
CompanyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceAssociatedStandardsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlParametersName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlParametersValue: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Confidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
CreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
Criticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
Description: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsConfidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
FindingProviderFieldsCriticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
FindingProviderFieldsRelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsRelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsSeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsSeverityOriginal: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsTypes: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FirstObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
GeneratorId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Id: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Keyword: []interface{}{
&KeywordFilterProperty{
Value: jsii.String("value"),
},
},
LastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
MalwareName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwarePath: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwareState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwareType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkDestinationDomain: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkDestinationIpV4: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkDestinationIpV6: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkDestinationPort: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
NetworkDirection: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkProtocol: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourceDomain: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourceIpV4: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkSourceIpV6: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkSourceMac: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourcePort: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
NoteText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NoteUpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteUpdatedBy: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ProcessName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessParentPid: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
ProcessPath: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessPid: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
ProcessTerminatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ProductName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecommendationText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecordState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Region: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceApplicationArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceApplicationName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceIamInstanceProfileArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceImageId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceIpV4Addresses: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
ResourceAwsEc2InstanceIpV6Addresses: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
ResourceAwsEc2InstanceKeyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceAwsEc2InstanceSubnetId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceVpcId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyCreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceAwsIamAccessKeyPrincipalName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyUserName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamUserUserName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsS3BucketOwnerId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsS3BucketOwnerName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerImageId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerImageName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceContainerName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceDetailsOther: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourcePartition: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceRegion: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceTags: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Sample: []interface{}{
&BooleanFilterProperty{
Value: jsii.Boolean(false),
},
},
SeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SeverityNormalized: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
SeverityProduct: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
SourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorCategory: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorLastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ThreatIntelIndicatorSource: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorSourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorValue: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Title: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Type: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
UpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
UserDefinedFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
VerificationState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
VulnerabilitiesExploitAvailable: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
VulnerabilitiesFixAvailable: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
},
GroupByAttribute: jsii.String("groupByAttribute"),
Name: jsii.String("name"),
})
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-insight.html
func NewCfnInsight ¶ added in v2.138.0
func NewCfnInsight(scope constructs.Construct, id *string, props *CfnInsightProps) CfnInsight
type CfnInsightProps ¶ added in v2.138.0
type CfnInsightProps struct {
// One or more attributes used to filter the findings included in the insight.
//
// The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-insight.html#cfn-securityhub-insight-filters
//
Filters interface{} `field:"required" json:"filters" yaml:"filters"`
// The grouping attribute for the insight's findings.
//
// Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-insight.html#cfn-securityhub-insight-groupbyattribute
//
GroupByAttribute *string `field:"required" json:"groupByAttribute" yaml:"groupByAttribute"`
// The name of a Security Hub insight.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-insight.html#cfn-securityhub-insight-name
//
Name *string `field:"required" json:"name" yaml:"name"`
}
Properties for defining a `CfnInsight`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
cfnInsightProps := &CfnInsightProps{
Filters: &AwsSecurityFindingFiltersProperty{
AwsAccountId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
AwsAccountName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
CompanyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceAssociatedStandardsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlParametersName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlParametersValue: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Confidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
CreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
Criticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
Description: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsConfidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
FindingProviderFieldsCriticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
FindingProviderFieldsRelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsRelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsSeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsSeverityOriginal: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsTypes: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FirstObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
GeneratorId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Id: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Keyword: []interface{}{
&KeywordFilterProperty{
Value: jsii.String("value"),
},
},
LastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
MalwareName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwarePath: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwareState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwareType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkDestinationDomain: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkDestinationIpV4: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkDestinationIpV6: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkDestinationPort: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
NetworkDirection: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkProtocol: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourceDomain: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourceIpV4: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkSourceIpV6: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkSourceMac: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourcePort: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
NoteText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NoteUpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteUpdatedBy: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ProcessName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessParentPid: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
ProcessPath: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessPid: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
ProcessTerminatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ProductName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecommendationText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecordState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Region: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceApplicationArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceApplicationName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceIamInstanceProfileArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceImageId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceIpV4Addresses: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
ResourceAwsEc2InstanceIpV6Addresses: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
ResourceAwsEc2InstanceKeyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceAwsEc2InstanceSubnetId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceVpcId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyCreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceAwsIamAccessKeyPrincipalName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyUserName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamUserUserName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsS3BucketOwnerId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsS3BucketOwnerName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerImageId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerImageName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceContainerName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceDetailsOther: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourcePartition: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceRegion: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceTags: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Sample: []interface{}{
&BooleanFilterProperty{
Value: jsii.Boolean(false),
},
},
SeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SeverityNormalized: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
SeverityProduct: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
SourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorCategory: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorLastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ThreatIntelIndicatorSource: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorSourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorValue: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Title: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Type: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
UpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
UserDefinedFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
VerificationState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
VulnerabilitiesExploitAvailable: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
VulnerabilitiesFixAvailable: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
},
GroupByAttribute: jsii.String("groupByAttribute"),
Name: jsii.String("name"),
}
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-insight.html
type CfnInsight_AwsSecurityFindingFiltersProperty ¶ added in v2.138.0
type CfnInsight_AwsSecurityFindingFiltersProperty struct {
// The AWS account ID in which a finding is generated.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-awsaccountid
//
AwsAccountId interface{} `field:"optional" json:"awsAccountId" yaml:"awsAccountId"`
// The name of the AWS account in which a finding is generated.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-awsaccountname
//
AwsAccountName interface{} `field:"optional" json:"awsAccountName" yaml:"awsAccountName"`
// The name of the findings provider (company) that owns the solution (product) that generates findings.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-companyname
//
CompanyName interface{} `field:"optional" json:"companyName" yaml:"companyName"`
// The unique identifier of a standard in which a control is enabled.
//
// This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-complianceassociatedstandardsid
//
ComplianceAssociatedStandardsId interface{} `field:"optional" json:"complianceAssociatedStandardsId" yaml:"complianceAssociatedStandardsId"`
// The unique identifier of a control across standards.
//
// Values for this field typically consist of an AWS service and a number, such as APIGateway.5.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-compliancesecuritycontrolid
//
ComplianceSecurityControlId interface{} `field:"optional" json:"complianceSecurityControlId" yaml:"complianceSecurityControlId"`
// The name of a security control parameter.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-compliancesecuritycontrolparametersname
//
ComplianceSecurityControlParametersName interface{} `field:"optional" json:"complianceSecurityControlParametersName" yaml:"complianceSecurityControlParametersName"`
// The current value of a security control parameter.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-compliancesecuritycontrolparametersvalue
//
ComplianceSecurityControlParametersValue interface{} `field:"optional" json:"complianceSecurityControlParametersValue" yaml:"complianceSecurityControlParametersValue"`
// Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations.
//
// Contains security standard-related finding details.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-compliancestatus
//
ComplianceStatus interface{} `field:"optional" json:"complianceStatus" yaml:"complianceStatus"`
// A finding's confidence.
//
// Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
//
// Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-confidence
//
Confidence interface{} `field:"optional" json:"confidence" yaml:"confidence"`
// A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-createdat
//
CreatedAt interface{} `field:"optional" json:"createdAt" yaml:"createdAt"`
// The level of importance assigned to the resources associated with the finding.
//
// A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-criticality
//
Criticality interface{} `field:"optional" json:"criticality" yaml:"criticality"`
// A finding's description.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-description
//
Description interface{} `field:"optional" json:"description" yaml:"description"`
// The finding provider value for the finding confidence.
//
// Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
//
// Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-findingproviderfieldsconfidence
//
FindingProviderFieldsConfidence interface{} `field:"optional" json:"findingProviderFieldsConfidence" yaml:"findingProviderFieldsConfidence"`
// The finding provider value for the level of importance assigned to the resources associated with the findings.
//
// A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-findingproviderfieldscriticality
//
FindingProviderFieldsCriticality interface{} `field:"optional" json:"findingProviderFieldsCriticality" yaml:"findingProviderFieldsCriticality"`
// The finding identifier of a related finding that is identified by the finding provider.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-findingproviderfieldsrelatedfindingsid
//
FindingProviderFieldsRelatedFindingsId interface{} `field:"optional" json:"findingProviderFieldsRelatedFindingsId" yaml:"findingProviderFieldsRelatedFindingsId"`
// The ARN of the solution that generated a related finding that is identified by the finding provider.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-findingproviderfieldsrelatedfindingsproductarn
//
FindingProviderFieldsRelatedFindingsProductArn interface{} `field:"optional" json:"findingProviderFieldsRelatedFindingsProductArn" yaml:"findingProviderFieldsRelatedFindingsProductArn"`
// The finding provider value for the severity label.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-findingproviderfieldsseveritylabel
//
FindingProviderFieldsSeverityLabel interface{} `field:"optional" json:"findingProviderFieldsSeverityLabel" yaml:"findingProviderFieldsSeverityLabel"`
// The finding provider's original value for the severity.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-findingproviderfieldsseverityoriginal
//
FindingProviderFieldsSeverityOriginal interface{} `field:"optional" json:"findingProviderFieldsSeverityOriginal" yaml:"findingProviderFieldsSeverityOriginal"`
// One or more finding types that the finding provider assigned to the finding.
//
// Uses the format of `namespace/category/classifier` that classify a finding.
//
// Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-findingproviderfieldstypes
//
FindingProviderFieldsTypes interface{} `field:"optional" json:"findingProviderFieldsTypes" yaml:"findingProviderFieldsTypes"`
// A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-firstobservedat
//
FirstObservedAt interface{} `field:"optional" json:"firstObservedAt" yaml:"firstObservedAt"`
// The identifier for the solution-specific component (a discrete unit of logic) that generated a finding.
//
// In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-generatorid
//
GeneratorId interface{} `field:"optional" json:"generatorId" yaml:"generatorId"`
// The security findings provider-specific identifier for a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-id
//
Id interface{} `field:"optional" json:"id" yaml:"id"`
// This field is deprecated.
//
// A keyword for a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-keyword
//
Keyword interface{} `field:"optional" json:"keyword" yaml:"keyword"`
// A timestamp that indicates when the security findings provider most recently observed the potential security issue that a finding captured.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-lastobservedat
//
LastObservedAt interface{} `field:"optional" json:"lastObservedAt" yaml:"lastObservedAt"`
// The name of the malware that was observed.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-malwarename
//
MalwareName interface{} `field:"optional" json:"malwareName" yaml:"malwareName"`
// The filesystem path of the malware that was observed.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-malwarepath
//
MalwarePath interface{} `field:"optional" json:"malwarePath" yaml:"malwarePath"`
// The state of the malware that was observed.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-malwarestate
//
MalwareState interface{} `field:"optional" json:"malwareState" yaml:"malwareState"`
// The type of the malware that was observed.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-malwaretype
//
MalwareType interface{} `field:"optional" json:"malwareType" yaml:"malwareType"`
// The destination domain of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networkdestinationdomain
//
NetworkDestinationDomain interface{} `field:"optional" json:"networkDestinationDomain" yaml:"networkDestinationDomain"`
// The destination IPv4 address of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networkdestinationipv4
//
NetworkDestinationIpV4 interface{} `field:"optional" json:"networkDestinationIpV4" yaml:"networkDestinationIpV4"`
// The destination IPv6 address of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networkdestinationipv6
//
NetworkDestinationIpV6 interface{} `field:"optional" json:"networkDestinationIpV6" yaml:"networkDestinationIpV6"`
// The destination port of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networkdestinationport
//
NetworkDestinationPort interface{} `field:"optional" json:"networkDestinationPort" yaml:"networkDestinationPort"`
// Indicates the direction of network traffic associated with a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networkdirection
//
NetworkDirection interface{} `field:"optional" json:"networkDirection" yaml:"networkDirection"`
// The protocol of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networkprotocol
//
NetworkProtocol interface{} `field:"optional" json:"networkProtocol" yaml:"networkProtocol"`
// The source domain of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networksourcedomain
//
NetworkSourceDomain interface{} `field:"optional" json:"networkSourceDomain" yaml:"networkSourceDomain"`
// The source IPv4 address of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networksourceipv4
//
NetworkSourceIpV4 interface{} `field:"optional" json:"networkSourceIpV4" yaml:"networkSourceIpV4"`
// The source IPv6 address of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networksourceipv6
//
NetworkSourceIpV6 interface{} `field:"optional" json:"networkSourceIpV6" yaml:"networkSourceIpV6"`
// The source media access control (MAC) address of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networksourcemac
//
NetworkSourceMac interface{} `field:"optional" json:"networkSourceMac" yaml:"networkSourceMac"`
// The source port of network-related information about a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-networksourceport
//
NetworkSourcePort interface{} `field:"optional" json:"networkSourcePort" yaml:"networkSourcePort"`
// The text of a note.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-notetext
//
NoteText interface{} `field:"optional" json:"noteText" yaml:"noteText"`
// The timestamp of when the note was updated.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-noteupdatedat
//
NoteUpdatedAt interface{} `field:"optional" json:"noteUpdatedAt" yaml:"noteUpdatedAt"`
// The principal that created a note.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-noteupdatedby
//
NoteUpdatedBy interface{} `field:"optional" json:"noteUpdatedBy" yaml:"noteUpdatedBy"`
// A timestamp that identifies when the process was launched.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-processlaunchedat
//
ProcessLaunchedAt interface{} `field:"optional" json:"processLaunchedAt" yaml:"processLaunchedAt"`
// The name of the process.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-processname
//
ProcessName interface{} `field:"optional" json:"processName" yaml:"processName"`
// The parent process ID.
//
// This field accepts positive integers between `O` and `2147483647` .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-processparentpid
//
ProcessParentPid interface{} `field:"optional" json:"processParentPid" yaml:"processParentPid"`
// The path to the process executable.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-processpath
//
ProcessPath interface{} `field:"optional" json:"processPath" yaml:"processPath"`
// The process ID.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-processpid
//
ProcessPid interface{} `field:"optional" json:"processPid" yaml:"processPid"`
// A timestamp that identifies when the process was terminated.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-processterminatedat
//
ProcessTerminatedAt interface{} `field:"optional" json:"processTerminatedAt" yaml:"processTerminatedAt"`
// The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-productarn
//
ProductArn interface{} `field:"optional" json:"productArn" yaml:"productArn"`
// A data type where security findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-productfields
//
ProductFields interface{} `field:"optional" json:"productFields" yaml:"productFields"`
// The name of the solution (product) that generates findings.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-productname
//
ProductName interface{} `field:"optional" json:"productName" yaml:"productName"`
// The recommendation of what to do about the issue described in a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-recommendationtext
//
RecommendationText interface{} `field:"optional" json:"recommendationText" yaml:"recommendationText"`
// The updated record state for the finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-recordstate
//
RecordState interface{} `field:"optional" json:"recordState" yaml:"recordState"`
// The Region from which the finding was generated.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-region
//
Region interface{} `field:"optional" json:"region" yaml:"region"`
// The solution-generated identifier for a related finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-relatedfindingsid
//
RelatedFindingsId interface{} `field:"optional" json:"relatedFindingsId" yaml:"relatedFindingsId"`
// The ARN of the solution that generated a related finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-relatedfindingsproductarn
//
RelatedFindingsProductArn interface{} `field:"optional" json:"relatedFindingsProductArn" yaml:"relatedFindingsProductArn"`
// The ARN of the application that is related to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceapplicationarn
//
ResourceApplicationArn interface{} `field:"optional" json:"resourceApplicationArn" yaml:"resourceApplicationArn"`
// The name of the application that is related to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceapplicationname
//
ResourceApplicationName interface{} `field:"optional" json:"resourceApplicationName" yaml:"resourceApplicationName"`
// The IAM profile ARN of the instance.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instanceiaminstanceprofilearn
//
ResourceAwsEc2InstanceIamInstanceProfileArn interface{} `field:"optional" json:"resourceAwsEc2InstanceIamInstanceProfileArn" yaml:"resourceAwsEc2InstanceIamInstanceProfileArn"`
// The Amazon Machine Image (AMI) ID of the instance.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instanceimageid
//
ResourceAwsEc2InstanceImageId interface{} `field:"optional" json:"resourceAwsEc2InstanceImageId" yaml:"resourceAwsEc2InstanceImageId"`
// The IPv4 addresses associated with the instance.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instanceipv4addresses
//
ResourceAwsEc2InstanceIpV4Addresses interface{} `field:"optional" json:"resourceAwsEc2InstanceIpV4Addresses" yaml:"resourceAwsEc2InstanceIpV4Addresses"`
// The IPv6 addresses associated with the instance.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instanceipv6addresses
//
ResourceAwsEc2InstanceIpV6Addresses interface{} `field:"optional" json:"resourceAwsEc2InstanceIpV6Addresses" yaml:"resourceAwsEc2InstanceIpV6Addresses"`
// The key name associated with the instance.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instancekeyname
//
ResourceAwsEc2InstanceKeyName interface{} `field:"optional" json:"resourceAwsEc2InstanceKeyName" yaml:"resourceAwsEc2InstanceKeyName"`
// The date and time the instance was launched.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instancelaunchedat
//
ResourceAwsEc2InstanceLaunchedAt interface{} `field:"optional" json:"resourceAwsEc2InstanceLaunchedAt" yaml:"resourceAwsEc2InstanceLaunchedAt"`
// The identifier of the subnet that the instance was launched in.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instancesubnetid
//
ResourceAwsEc2InstanceSubnetId interface{} `field:"optional" json:"resourceAwsEc2InstanceSubnetId" yaml:"resourceAwsEc2InstanceSubnetId"`
// The instance type of the instance.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instancetype
//
ResourceAwsEc2InstanceType interface{} `field:"optional" json:"resourceAwsEc2InstanceType" yaml:"resourceAwsEc2InstanceType"`
// The identifier of the VPC that the instance was launched in.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsec2instancevpcid
//
ResourceAwsEc2InstanceVpcId interface{} `field:"optional" json:"resourceAwsEc2InstanceVpcId" yaml:"resourceAwsEc2InstanceVpcId"`
// The creation date/time of the IAM access key related to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsiamaccesskeycreatedat
//
ResourceAwsIamAccessKeyCreatedAt interface{} `field:"optional" json:"resourceAwsIamAccessKeyCreatedAt" yaml:"resourceAwsIamAccessKeyCreatedAt"`
// The name of the principal that is associated with an IAM access key.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsiamaccesskeyprincipalname
//
ResourceAwsIamAccessKeyPrincipalName interface{} `field:"optional" json:"resourceAwsIamAccessKeyPrincipalName" yaml:"resourceAwsIamAccessKeyPrincipalName"`
// The status of the IAM access key related to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsiamaccesskeystatus
//
ResourceAwsIamAccessKeyStatus interface{} `field:"optional" json:"resourceAwsIamAccessKeyStatus" yaml:"resourceAwsIamAccessKeyStatus"`
// This field is deprecated.
//
// The username associated with the IAM access key related to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsiamaccesskeyusername
//
ResourceAwsIamAccessKeyUserName interface{} `field:"optional" json:"resourceAwsIamAccessKeyUserName" yaml:"resourceAwsIamAccessKeyUserName"`
// The name of an IAM user.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawsiamuserusername
//
ResourceAwsIamUserUserName interface{} `field:"optional" json:"resourceAwsIamUserUserName" yaml:"resourceAwsIamUserUserName"`
// The canonical user ID of the owner of the S3 bucket.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawss3bucketownerid
//
ResourceAwsS3BucketOwnerId interface{} `field:"optional" json:"resourceAwsS3BucketOwnerId" yaml:"resourceAwsS3BucketOwnerId"`
// The display name of the owner of the S3 bucket.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceawss3bucketownername
//
ResourceAwsS3BucketOwnerName interface{} `field:"optional" json:"resourceAwsS3BucketOwnerName" yaml:"resourceAwsS3BucketOwnerName"`
// The identifier of the image related to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcecontainerimageid
//
ResourceContainerImageId interface{} `field:"optional" json:"resourceContainerImageId" yaml:"resourceContainerImageId"`
// The name of the image related to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcecontainerimagename
//
ResourceContainerImageName interface{} `field:"optional" json:"resourceContainerImageName" yaml:"resourceContainerImageName"`
// A timestamp that identifies when the container was started.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcecontainerlaunchedat
//
ResourceContainerLaunchedAt interface{} `field:"optional" json:"resourceContainerLaunchedAt" yaml:"resourceContainerLaunchedAt"`
// The name of the container related to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcecontainername
//
ResourceContainerName interface{} `field:"optional" json:"resourceContainerName" yaml:"resourceContainerName"`
// The details of a resource that doesn't have a specific subfield for the resource type defined.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcedetailsother
//
ResourceDetailsOther interface{} `field:"optional" json:"resourceDetailsOther" yaml:"resourceDetailsOther"`
// The canonical identifier for the given resource type.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceid
//
ResourceId interface{} `field:"optional" json:"resourceId" yaml:"resourceId"`
// The canonical AWS partition name that the Region is assigned to.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcepartition
//
ResourcePartition interface{} `field:"optional" json:"resourcePartition" yaml:"resourcePartition"`
// The canonical AWS external Region name where this resource is located.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourceregion
//
ResourceRegion interface{} `field:"optional" json:"resourceRegion" yaml:"resourceRegion"`
// A list of AWS tags associated with a resource at the time the finding was processed.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcetags
//
ResourceTags interface{} `field:"optional" json:"resourceTags" yaml:"resourceTags"`
// Specifies the type of the resource that details are provided for.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcetype
//
ResourceType interface{} `field:"optional" json:"resourceType" yaml:"resourceType"`
// Indicates whether or not sample findings are included in the filter results.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-sample
//
Sample interface{} `field:"optional" json:"sample" yaml:"sample"`
// The label of a finding's severity.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-severitylabel
//
SeverityLabel interface{} `field:"optional" json:"severityLabel" yaml:"severityLabel"`
// Deprecated. The normalized severity of a finding. Instead of providing `Normalized` , provide `Label` .
//
// If you provide `Label` and do not provide `Normalized` , then `Normalized` is set automatically as follows.
//
// - `INFORMATIONAL` - 0
// - `LOW` - 1
// - `MEDIUM` - 40
// - `HIGH` - 70
// - `CRITICAL` - 90.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-severitynormalized
//
SeverityNormalized interface{} `field:"optional" json:"severityNormalized" yaml:"severityNormalized"`
// Deprecated. This attribute isn't included in findings. Instead of providing `Product` , provide `Original` .
//
// The native severity as defined by the AWS service or integrated partner product that generated the finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-severityproduct
//
SeverityProduct interface{} `field:"optional" json:"severityProduct" yaml:"severityProduct"`
// A URL that links to a page about the current finding in the security findings provider's solution.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-sourceurl
//
SourceUrl interface{} `field:"optional" json:"sourceUrl" yaml:"sourceUrl"`
// The category of a threat intelligence indicator.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-threatintelindicatorcategory
//
ThreatIntelIndicatorCategory interface{} `field:"optional" json:"threatIntelIndicatorCategory" yaml:"threatIntelIndicatorCategory"`
// A timestamp that identifies the last observation of a threat intelligence indicator.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-threatintelindicatorlastobservedat
//
ThreatIntelIndicatorLastObservedAt interface{} `field:"optional" json:"threatIntelIndicatorLastObservedAt" yaml:"threatIntelIndicatorLastObservedAt"`
// The source of the threat intelligence.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-threatintelindicatorsource
//
ThreatIntelIndicatorSource interface{} `field:"optional" json:"threatIntelIndicatorSource" yaml:"threatIntelIndicatorSource"`
// The URL for more details from the source of the threat intelligence.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-threatintelindicatorsourceurl
//
ThreatIntelIndicatorSourceUrl interface{} `field:"optional" json:"threatIntelIndicatorSourceUrl" yaml:"threatIntelIndicatorSourceUrl"`
// The type of a threat intelligence indicator.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-threatintelindicatortype
//
ThreatIntelIndicatorType interface{} `field:"optional" json:"threatIntelIndicatorType" yaml:"threatIntelIndicatorType"`
// The value of a threat intelligence indicator.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-threatintelindicatorvalue
//
ThreatIntelIndicatorValue interface{} `field:"optional" json:"threatIntelIndicatorValue" yaml:"threatIntelIndicatorValue"`
// A finding's title.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-title
//
Title interface{} `field:"optional" json:"title" yaml:"title"`
// A finding type in the format of `namespace/category/classifier` that classifies a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-type
//
Type interface{} `field:"optional" json:"type" yaml:"type"`
// A timestamp that indicates when the security findings provider last updated the finding record.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-updatedat
//
UpdatedAt interface{} `field:"optional" json:"updatedAt" yaml:"updatedAt"`
// A list of name/value string pairs associated with the finding.
//
// These are custom, user-defined fields added to a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-userdefinedfields
//
UserDefinedFields interface{} `field:"optional" json:"userDefinedFields" yaml:"userDefinedFields"`
// The veracity of a finding.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-verificationstate
//
VerificationState interface{} `field:"optional" json:"verificationState" yaml:"verificationState"`
// Indicates whether a software vulnerability in your environment has a known exploit.
//
// You can filter findings by this field only if you use Security Hub and Amazon Inspector.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-vulnerabilitiesexploitavailable
//
VulnerabilitiesExploitAvailable interface{} `field:"optional" json:"vulnerabilitiesExploitAvailable" yaml:"vulnerabilitiesExploitAvailable"`
// Indicates whether a vulnerability is fixed in a newer version of the affected software packages.
//
// You can filter findings by this field only if you use Security Hub and Amazon Inspector.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-vulnerabilitiesfixavailable
//
VulnerabilitiesFixAvailable interface{} `field:"optional" json:"vulnerabilitiesFixAvailable" yaml:"vulnerabilitiesFixAvailable"`
// The workflow state of a finding.
//
// Note that this field is deprecated. To search for a finding based on its workflow status, use `WorkflowStatus` .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-workflowstate
//
WorkflowState interface{} `field:"optional" json:"workflowState" yaml:"workflowState"`
// The status of the investigation into a finding. Allowed values are the following.
//
// - `NEW` - The initial state of a finding, before it is reviewed.
//
// Security Hub also resets the workflow status from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:
//
// - `RecordState` changes from `ARCHIVED` to `ACTIVE` .
// - `Compliance.Status` changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .
// - `NOTIFIED` - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.
//
// If one of the following occurs, the workflow status is changed automatically from `NOTIFIED` to `NEW` :
//
// - `RecordState` changes from `ARCHIVED` to `ACTIVE` .
// - `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .
// - `SUPPRESSED` - Indicates that you reviewed the finding and do not believe that any action is needed.
//
// The workflow status of a `SUPPRESSED` finding does not change if `RecordState` changes from `ARCHIVED` to `ACTIVE` .
// - `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.
//
// The finding remains `RESOLVED` unless one of the following occurs:
//
// - `RecordState` changes from `ARCHIVED` to `ACTIVE` .
// - `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .
//
// In those cases, the workflow status is automatically reset to `NEW` .
//
// For findings from controls, if `Compliance.Status` is `PASSED` , then Security Hub automatically sets the workflow status to `RESOLVED` .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-workflowstatus
//
WorkflowStatus interface{} `field:"optional" json:"workflowStatus" yaml:"workflowStatus"`
}
A collection of filters that are applied to all active findings aggregated by AWS Security Hub .
You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
awsSecurityFindingFiltersProperty := &AwsSecurityFindingFiltersProperty{
AwsAccountId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
AwsAccountName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
CompanyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceAssociatedStandardsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlParametersName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceSecurityControlParametersValue: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ComplianceStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Confidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
CreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
Criticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
Description: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsConfidence: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
FindingProviderFieldsCriticality: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
FindingProviderFieldsRelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsRelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsSeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsSeverityOriginal: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FindingProviderFieldsTypes: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
FirstObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
GeneratorId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Id: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Keyword: []interface{}{
&KeywordFilterProperty{
Value: jsii.String("value"),
},
},
LastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
MalwareName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwarePath: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwareState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
MalwareType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkDestinationDomain: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkDestinationIpV4: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkDestinationIpV6: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkDestinationPort: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
NetworkDirection: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkProtocol: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourceDomain: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourceIpV4: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkSourceIpV6: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
NetworkSourceMac: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NetworkSourcePort: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
NoteText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
NoteUpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
NoteUpdatedBy: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ProcessName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessParentPid: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
ProcessPath: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProcessPid: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
ProcessTerminatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ProductFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ProductName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecommendationText: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RecordState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Region: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
RelatedFindingsProductArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceApplicationArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceApplicationName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceIamInstanceProfileArn: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceImageId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceIpV4Addresses: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
ResourceAwsEc2InstanceIpV6Addresses: []interface{}{
&IpFilterProperty{
Cidr: jsii.String("cidr"),
},
},
ResourceAwsEc2InstanceKeyName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceAwsEc2InstanceSubnetId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsEc2InstanceVpcId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyCreatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceAwsIamAccessKeyPrincipalName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamAccessKeyUserName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsIamUserUserName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsS3BucketOwnerId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceAwsS3BucketOwnerName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerImageId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerImageName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceContainerLaunchedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ResourceContainerName: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceDetailsOther: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceId: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourcePartition: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceRegion: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ResourceTags: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
ResourceType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Sample: []interface{}{
&BooleanFilterProperty{
Value: jsii.Boolean(false),
},
},
SeverityLabel: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
SeverityNormalized: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
SeverityProduct: []interface{}{
&NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
},
},
SourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorCategory: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorLastObservedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
ThreatIntelIndicatorSource: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorSourceUrl: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorType: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
ThreatIntelIndicatorValue: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Title: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
Type: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
UpdatedAt: []interface{}{
&DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
},
},
UserDefinedFields: []interface{}{
&MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
},
},
VerificationState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
VulnerabilitiesExploitAvailable: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
VulnerabilitiesFixAvailable: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowState: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
WorkflowStatus: []interface{}{
&StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
},
},
}
type CfnInsight_BooleanFilterProperty ¶ added in v2.138.0
type CfnInsight_BooleanFilterProperty struct {
// The value of the boolean.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-booleanfilter.html#cfn-securityhub-insight-booleanfilter-value
//
Value interface{} `field:"required" json:"value" yaml:"value"`
}
Boolean filter for querying findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
booleanFilterProperty := &BooleanFilterProperty{
Value: jsii.Boolean(false),
}
type CfnInsight_DateFilterProperty ¶ added in v2.138.0
type CfnInsight_DateFilterProperty struct {
// A date range for the date filter.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-datefilter.html#cfn-securityhub-insight-datefilter-daterange
//
DateRange interface{} `field:"optional" json:"dateRange" yaml:"dateRange"`
// A timestamp that provides the end date for the date filter.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-datefilter.html#cfn-securityhub-insight-datefilter-end
//
End *string `field:"optional" json:"end" yaml:"end"`
// A timestamp that provides the start date for the date filter.
//
// This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
//
// - `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )
// - `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )
// - `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )
// - `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-datefilter.html#cfn-securityhub-insight-datefilter-start
//
Start *string `field:"optional" json:"start" yaml:"start"`
}
A date filter for querying findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
dateFilterProperty := &DateFilterProperty{
DateRange: &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
},
End: jsii.String("end"),
Start: jsii.String("start"),
}
type CfnInsight_DateRangeProperty ¶ added in v2.138.0
type CfnInsight_DateRangeProperty struct {
// A date range unit for the date filter.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-daterange.html#cfn-securityhub-insight-daterange-unit
//
Unit *string `field:"required" json:"unit" yaml:"unit"`
// A date range value for the date filter.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-daterange.html#cfn-securityhub-insight-daterange-value
//
Value *float64 `field:"required" json:"value" yaml:"value"`
}
A date range for the date filter.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
dateRangeProperty := &DateRangeProperty{
Unit: jsii.String("unit"),
Value: jsii.Number(123),
}
type CfnInsight_IpFilterProperty ¶ added in v2.138.0
type CfnInsight_IpFilterProperty struct {
// A finding's CIDR value.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-ipfilter.html#cfn-securityhub-insight-ipfilter-cidr
//
Cidr *string `field:"required" json:"cidr" yaml:"cidr"`
}
The IP filter for querying findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
ipFilterProperty := &IpFilterProperty{
Cidr: jsii.String("cidr"),
}
type CfnInsight_KeywordFilterProperty ¶ added in v2.138.0
type CfnInsight_KeywordFilterProperty struct {
// A value for the keyword.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-keywordfilter.html#cfn-securityhub-insight-keywordfilter-value
//
Value *string `field:"required" json:"value" yaml:"value"`
}
A keyword filter for querying findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
keywordFilterProperty := &KeywordFilterProperty{
Value: jsii.String("value"),
}
type CfnInsight_MapFilterProperty ¶ added in v2.138.0
type CfnInsight_MapFilterProperty struct {
// The condition to apply to the key value when filtering Security Hub findings with a map filter.
//
// To search for values that have the filter value, use one of the following comparison operators:
//
// - To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.
// - To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.
//
// `CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.
//
// To search for values that don't have the filter value, use one of the following comparison operators:
//
// - To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.
// - To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don’t have the value `Finance` for the `Department` tag.
//
// `NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.
//
// `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.
//
// You can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can’t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.
//
// `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-mapfilter.html#cfn-securityhub-insight-mapfilter-comparison
//
Comparison *string `field:"required" json:"comparison" yaml:"comparison"`
// The key of the map filter.
//
// For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-mapfilter.html#cfn-securityhub-insight-mapfilter-key
//
Key *string `field:"required" json:"key" yaml:"key"`
// The value for the key in the map filter.
//
// Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-mapfilter.html#cfn-securityhub-insight-mapfilter-value
//
Value *string `field:"required" json:"value" yaml:"value"`
}
A map filter for filtering AWS Security Hub findings.
Each map filter provides the field to check for, the value to check for, and the comparison operator.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
mapFilterProperty := &MapFilterProperty{
Comparison: jsii.String("comparison"),
Key: jsii.String("key"),
Value: jsii.String("value"),
}
type CfnInsight_NumberFilterProperty ¶ added in v2.138.0
type CfnInsight_NumberFilterProperty struct {
// The equal-to condition to be applied to a single field when querying for findings.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-numberfilter.html#cfn-securityhub-insight-numberfilter-eq
//
Eq *float64 `field:"optional" json:"eq" yaml:"eq"`
// The greater-than-equal condition to be applied to a single field when querying for findings.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-numberfilter.html#cfn-securityhub-insight-numberfilter-gte
//
Gte *float64 `field:"optional" json:"gte" yaml:"gte"`
// The less-than-equal condition to be applied to a single field when querying for findings.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-numberfilter.html#cfn-securityhub-insight-numberfilter-lte
//
Lte *float64 `field:"optional" json:"lte" yaml:"lte"`
}
A number filter for querying findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
numberFilterProperty := &NumberFilterProperty{
Eq: jsii.Number(123),
Gte: jsii.Number(123),
Lte: jsii.Number(123),
}
type CfnInsight_StringFilterProperty ¶ added in v2.138.0
type CfnInsight_StringFilterProperty struct {
// The condition to apply to a string value when filtering Security Hub findings.
//
// To search for values that have the filter value, use one of the following comparison operators:
//
// - To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.
// - To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .
// - To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.
//
// `CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.
//
// To search for values that don’t have the filter value, use one of the following comparison operators:
//
// - To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.
// - To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .
// - To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .
//
// `NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.
//
// You can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.
//
// You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.
//
// For example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .
//
// - `ResourceType PREFIX AwsIam`
// - `ResourceType PREFIX AwsEc2`
// - `ResourceType NOT_EQUALS AwsIamPolicy`
// - `ResourceType NOT_EQUALS AwsEc2NetworkInterface`
//
// `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-stringfilter.html#cfn-securityhub-insight-stringfilter-comparison
//
Comparison *string `field:"required" json:"comparison" yaml:"comparison"`
// The string filter value.
//
// Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-stringfilter.html#cfn-securityhub-insight-stringfilter-value
//
Value *string `field:"required" json:"value" yaml:"value"`
}
A string filter for filtering AWS Security Hub findings.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
stringFilterProperty := &StringFilterProperty{
Comparison: jsii.String("comparison"),
Value: jsii.String("value"),
}
type CfnProductSubscription ¶ added in v2.138.0
type CfnProductSubscription interface {
awscdk.CfnResource
awscdk.IInspectable
// The ARN of your subscription to the product to enable integrations for.
AttrProductSubscriptionArn() *string
// Options for this resource, such as condition, update policy etc.
CfnOptions() awscdk.ICfnResourceOptions
CfnProperties() *map[string]interface{}
// AWS resource type.
CfnResourceType() *string
// Returns: the stack trace of the point where this Resource was created from, sourced
// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
// node +internal+ entries filtered.
CreationStack() *[]*string
// The logical ID for this CloudFormation stack element.
//
// The logical ID of the element
// is calculated from the path of the resource node in the construct tree.
//
// To override this value, use `overrideLogicalId(newLogicalId)`.
//
// Returns: the logical ID as a stringified token. This value will only get
// resolved during synthesis.
LogicalId() *string
// The tree node.
Node() constructs.Node
// The ARN of the product to enable the integration for.
ProductArn() *string
SetProductArn(val *string)
// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
//
// If, by any chance, the intrinsic reference of a resource is not a string, you could
// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
Ref() *string
// The stack in which this element is defined.
//
// CfnElements must be defined within a stack scope (directly or indirectly).
Stack() awscdk.Stack
// Deprecated.
// Deprecated: use `updatedProperties`
//
// Return properties modified after initiation
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperites() *map[string]interface{}
// Return properties modified after initiation.
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperties() *map[string]interface{}
// Syntactic sugar for `addOverride(path, undefined)`.
AddDeletionOverride(path *string)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
//
// This can be used for resources across stacks (or nested stack) boundaries
// and the dependency will automatically be transferred to the relevant scope.
AddDependency(target awscdk.CfnResource)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
// Deprecated: use addDependency.
AddDependsOn(target awscdk.CfnResource)
// Add a value to the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
AddMetadata(key *string, value interface{})
// Adds an override to the synthesized CloudFormation resource.
//
// To add a
// property override, either use `addPropertyOverride` or prefix `path` with
// "Properties." (i.e. `Properties.TopicName`).
//
// If the override is nested, separate each nested level using a dot (.) in the path parameter.
// If there is an array as part of the nesting, specify the index in the path.
//
// To include a literal `.` in the property name, prefix with a `\`. In most
// programming languages you will need to write this as `"\\."` because the
// `\` itself will need to be escaped.
//
// For example,
// “`typescript
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
// “`
// would add the overrides
// “`json
// "Properties": {
// "GlobalSecondaryIndexes": [
// {
// "Projection": {
// "NonKeyAttributes": [ "myattribute" ]
// ...
// }
// ...
// },
// {
// "ProjectionType": "INCLUDE"
// ...
// },
// ]
// ...
// }
// “`
//
// The `value` argument to `addOverride` will not be processed or translated
// in any way. Pass raw JSON values in here with the correct capitalization
// for CloudFormation. If you pass CDK classes or structs, they will be
// rendered with lowercased key names, and CloudFormation will reject the
// template.
AddOverride(path *string, value interface{})
// Adds an override that deletes the value of a property from the resource definition.
AddPropertyDeletionOverride(propertyPath *string)
// Adds an override to a resource property.
//
// Syntactic sugar for `addOverride("Properties.<...>", value)`.
AddPropertyOverride(propertyPath *string, value interface{})
// Sets the deletion policy of the resource based on the removal policy specified.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
// cases, a snapshot can be taken of the resource prior to deletion
// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
// can be found in the following link:.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
//
ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
// Returns a token for an runtime attribute of this resource.
//
// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
// in case there is no generated attribute.
GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
// Retrieve a value value from the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
GetMetadata(key *string) interface{}
// Examines the CloudFormation resource and discloses attributes.
Inspect(inspector awscdk.TreeInspector)
// Retrieves an array of resources this resource depends on.
//
// This assembles dependencies on resources across stacks (including nested stacks)
// automatically.
ObtainDependencies() *[]interface{}
// Get a shallow copy of dependencies between this resource and other resources in the same stack.
ObtainResourceDependencies() *[]awscdk.CfnResource
// Overrides the auto-generated logical ID with a specific ID.
OverrideLogicalId(newLogicalId *string)
// Indicates that this resource no longer depends on another resource.
//
// This can be used for resources across stacks (including nested stacks)
// and the dependency will automatically be removed from the relevant scope.
RemoveDependency(target awscdk.CfnResource)
RenderProperties(props *map[string]interface{}) *map[string]interface{}
// Replaces one dependency with another.
ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
//
// Returns: `true` if the resource should be included or `false` is the resource
// should be omitted.
ShouldSynthesize() *bool
// Returns a string representation of this construct.
//
// Returns: a string representation of this resource.
ToString() *string
ValidateProperties(_properties interface{})
}
The `AWS::SecurityHub::ProductSubscription` resource creates a subscription to a third-party product that generates findings that you want to receive in AWS Security Hub .
For a list of integrations to third-party products, see [Available third-party partner product integrations](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-partner-providers.html) in the *AWS Security Hub User Guide* .
To change a product subscription, remove the current product subscription resource, and then create a new one.
Tags aren't supported for this resource.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
cfnProductSubscription := awscdk.Aws_securityhub.NewCfnProductSubscription(this, jsii.String("MyCfnProductSubscription"), &CfnProductSubscriptionProps{
ProductArn: jsii.String("productArn"),
})
func NewCfnProductSubscription ¶ added in v2.138.0
func NewCfnProductSubscription(scope constructs.Construct, id *string, props *CfnProductSubscriptionProps) CfnProductSubscription
type CfnProductSubscriptionProps ¶ added in v2.138.0
type CfnProductSubscriptionProps struct {
// The ARN of the product to enable the integration for.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-productsubscription.html#cfn-securityhub-productsubscription-productarn
//
ProductArn *string `field:"required" json:"productArn" yaml:"productArn"`
}
Properties for defining a `CfnProductSubscription`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
cfnProductSubscriptionProps := &CfnProductSubscriptionProps{
ProductArn: jsii.String("productArn"),
}
type CfnStandard ¶ added in v2.85.0
type CfnStandard interface {
awscdk.CfnResource
awscdk.IInspectable
// The ARN of a resource that represents your subscription to a supported standard.
AttrStandardsSubscriptionArn() *string
// Options for this resource, such as condition, update policy etc.
CfnOptions() awscdk.ICfnResourceOptions
CfnProperties() *map[string]interface{}
// AWS resource type.
CfnResourceType() *string
// Returns: the stack trace of the point where this Resource was created from, sourced
// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
// node +internal+ entries filtered.
CreationStack() *[]*string
// Specifies which controls are to be disabled in a standard.
DisabledStandardsControls() interface{}
SetDisabledStandardsControls(val interface{})
// The logical ID for this CloudFormation stack element.
//
// The logical ID of the element
// is calculated from the path of the resource node in the construct tree.
//
// To override this value, use `overrideLogicalId(newLogicalId)`.
//
// Returns: the logical ID as a stringified token. This value will only get
// resolved during synthesis.
LogicalId() *string
// The tree node.
Node() constructs.Node
// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
//
// If, by any chance, the intrinsic reference of a resource is not a string, you could
// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
Ref() *string
// The stack in which this element is defined.
//
// CfnElements must be defined within a stack scope (directly or indirectly).
Stack() awscdk.Stack
// The ARN of the standard that you want to enable.
StandardsArn() *string
SetStandardsArn(val *string)
// Deprecated.
// Deprecated: use `updatedProperties`
//
// Return properties modified after initiation
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperites() *map[string]interface{}
// Return properties modified after initiation.
//
// Resources that expose mutable properties should override this function to
// collect and return the properties object for this resource.
UpdatedProperties() *map[string]interface{}
// Syntactic sugar for `addOverride(path, undefined)`.
AddDeletionOverride(path *string)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
//
// This can be used for resources across stacks (or nested stack) boundaries
// and the dependency will automatically be transferred to the relevant scope.
AddDependency(target awscdk.CfnResource)
// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
// Deprecated: use addDependency.
AddDependsOn(target awscdk.CfnResource)
// Add a value to the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
AddMetadata(key *string, value interface{})
// Adds an override to the synthesized CloudFormation resource.
//
// To add a
// property override, either use `addPropertyOverride` or prefix `path` with
// "Properties." (i.e. `Properties.TopicName`).
//
// If the override is nested, separate each nested level using a dot (.) in the path parameter.
// If there is an array as part of the nesting, specify the index in the path.
//
// To include a literal `.` in the property name, prefix with a `\`. In most
// programming languages you will need to write this as `"\\."` because the
// `\` itself will need to be escaped.
//
// For example,
// “`typescript
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
// “`
// would add the overrides
// “`json
// "Properties": {
// "GlobalSecondaryIndexes": [
// {
// "Projection": {
// "NonKeyAttributes": [ "myattribute" ]
// ...
// }
// ...
// },
// {
// "ProjectionType": "INCLUDE"
// ...
// },
// ]
// ...
// }
// “`
//
// The `value` argument to `addOverride` will not be processed or translated
// in any way. Pass raw JSON values in here with the correct capitalization
// for CloudFormation. If you pass CDK classes or structs, they will be
// rendered with lowercased key names, and CloudFormation will reject the
// template.
AddOverride(path *string, value interface{})
// Adds an override that deletes the value of a property from the resource definition.
AddPropertyDeletionOverride(propertyPath *string)
// Adds an override to a resource property.
//
// Syntactic sugar for `addOverride("Properties.<...>", value)`.
AddPropertyOverride(propertyPath *string, value interface{})
// Sets the deletion policy of the resource based on the removal policy specified.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
// cases, a snapshot can be taken of the resource prior to deletion
// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
// can be found in the following link:.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
//
ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
// Returns a token for an runtime attribute of this resource.
//
// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
// in case there is no generated attribute.
GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
// Retrieve a value value from the CloudFormation Resource Metadata.
// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
//
// Note that this is a different set of metadata from CDK node metadata; this
// metadata ends up in the stack template under the resource, whereas CDK
// node metadata ends up in the Cloud Assembly.
//
GetMetadata(key *string) interface{}
// Examines the CloudFormation resource and discloses attributes.
Inspect(inspector awscdk.TreeInspector)
// Retrieves an array of resources this resource depends on.
//
// This assembles dependencies on resources across stacks (including nested stacks)
// automatically.
ObtainDependencies() *[]interface{}
// Get a shallow copy of dependencies between this resource and other resources in the same stack.
ObtainResourceDependencies() *[]awscdk.CfnResource
// Overrides the auto-generated logical ID with a specific ID.
OverrideLogicalId(newLogicalId *string)
// Indicates that this resource no longer depends on another resource.
//
// This can be used for resources across stacks (including nested stacks)
// and the dependency will automatically be removed from the relevant scope.
RemoveDependency(target awscdk.CfnResource)
RenderProperties(props *map[string]interface{}) *map[string]interface{}
// Replaces one dependency with another.
ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
//
// Returns: `true` if the resource should be included or `false` is the resource
// should be omitted.
ShouldSynthesize() *bool
// Returns a string representation of this construct.
//
// Returns: a string representation of this resource.
ToString() *string
ValidateProperties(_properties interface{})
}
The `AWS::SecurityHub::Standard` resource specifies the enablement of a security standard.
The standard is identified by the `StandardsArn` property. To view a list of Security Hub standards and their Amazon Resource Names (ARNs), use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.
You must create a separate `AWS::SecurityHub::Standard` resource for each standard that you want to enable.
For more information about Security Hub standards, see [Security Hub standards reference](https://docs.aws.amazon.com/securityhub/latest/userguide/standards-reference.html) in the *AWS Security Hub User Guide* .
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
cfnStandard := awscdk.Aws_securityhub.NewCfnStandard(this, jsii.String("MyCfnStandard"), &CfnStandardProps{
StandardsArn: jsii.String("standardsArn"),
// the properties below are optional
DisabledStandardsControls: []interface{}{
&StandardsControlProperty{
StandardsControlArn: jsii.String("standardsControlArn"),
// the properties below are optional
Reason: jsii.String("reason"),
},
},
})
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html
func NewCfnStandard ¶ added in v2.85.0
func NewCfnStandard(scope constructs.Construct, id *string, props *CfnStandardProps) CfnStandard
type CfnStandardProps ¶ added in v2.85.0
type CfnStandardProps struct {
// The ARN of the standard that you want to enable.
//
// To view a list of available Security Hub standards and their ARNs, use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html#cfn-securityhub-standard-standardsarn
//
StandardsArn *string `field:"required" json:"standardsArn" yaml:"standardsArn"`
// Specifies which controls are to be disabled in a standard.
//
// *Maximum* : `100`.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html#cfn-securityhub-standard-disabledstandardscontrols
//
DisabledStandardsControls interface{} `field:"optional" json:"disabledStandardsControls" yaml:"disabledStandardsControls"`
}
Properties for defining a `CfnStandard`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
cfnStandardProps := &CfnStandardProps{
StandardsArn: jsii.String("standardsArn"),
// the properties below are optional
DisabledStandardsControls: []interface{}{
&StandardsControlProperty{
StandardsControlArn: jsii.String("standardsControlArn"),
// the properties below are optional
Reason: jsii.String("reason"),
},
},
}
See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-standard.html
type CfnStandard_StandardsControlProperty ¶ added in v2.85.0
type CfnStandard_StandardsControlProperty struct {
// The Amazon Resource Name (ARN) of the control.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-standard-standardscontrol.html#cfn-securityhub-standard-standardscontrol-standardscontrolarn
//
StandardsControlArn *string `field:"required" json:"standardsControlArn" yaml:"standardsControlArn"`
// A user-defined reason for changing a control's enablement status in a specified standard.
//
// If you are disabling a control, then this property is required.
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-standard-standardscontrol.html#cfn-securityhub-standard-standardscontrol-reason
//
Reason *string `field:"optional" json:"reason" yaml:"reason"`
}
Provides details about an individual security control.
For a list of Security Hub controls, see [Security Hub controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the *AWS Security Hub User Guide* .
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
standardsControlProperty := &StandardsControlProperty{
StandardsControlArn: jsii.String("standardsControlArn"),
// the properties below are optional
Reason: jsii.String("reason"),
}
Source Files
¶
- CfnAutomationRule.go
- CfnAutomationRuleProps.go
- CfnAutomationRule_AutomationRulesActionProperty.go
- CfnAutomationRule_AutomationRulesFindingFieldsUpdateProperty.go
- CfnAutomationRule_AutomationRulesFindingFiltersProperty.go
- CfnAutomationRule_DateFilterProperty.go
- CfnAutomationRule_DateRangeProperty.go
- CfnAutomationRule_MapFilterProperty.go
- CfnAutomationRule_NoteUpdateProperty.go
- CfnAutomationRule_NumberFilterProperty.go
- CfnAutomationRule_RelatedFindingProperty.go
- CfnAutomationRule_SeverityUpdateProperty.go
- CfnAutomationRule_StringFilterProperty.go
- CfnAutomationRule_WorkflowUpdateProperty.go
- CfnAutomationRule__checks.go
- CfnDelegatedAdmin.go
- CfnDelegatedAdminProps.go
- CfnDelegatedAdmin__checks.go
- CfnHub.go
- CfnHubProps.go
- CfnHub__checks.go
- CfnInsight.go
- CfnInsightProps.go
- CfnInsight_AwsSecurityFindingFiltersProperty.go
- CfnInsight_BooleanFilterProperty.go
- CfnInsight_DateFilterProperty.go
- CfnInsight_DateRangeProperty.go
- CfnInsight_IpFilterProperty.go
- CfnInsight_KeywordFilterProperty.go
- CfnInsight_MapFilterProperty.go
- CfnInsight_NumberFilterProperty.go
- CfnInsight_StringFilterProperty.go
- CfnInsight__checks.go
- CfnProductSubscription.go
- CfnProductSubscriptionProps.go
- CfnProductSubscription__checks.go
- CfnStandard.go
- CfnStandardProps.go
- CfnStandard_StandardsControlProperty.go
- CfnStandard__checks.go
- main.go
Directories
Click to show internal directories.
Click to hide internal directories.