Documentation ¶
Index ¶
- func Hub_ARN_FORMAT() awscdk.ArnFormat
- func Hub_IsConstruct(x interface{}) *bool
- func Hub_IsOwnedResource(construct constructs.IConstruct) *bool
- func Hub_IsResource(construct constructs.IConstruct) *bool
- func NewHub_Override(h Hub, scope constructs.IConstruct, id *string, props *HubProps)
- func NewStandard_Override(s Standard, scope constructs.IConstruct, id *string, props *StandardProps)
- func RuleSet_ARN_FORMAT() awscdk.ArnFormat
- func Standard_ARN_FORMAT() awscdk.ArnFormat
- func Standard_IsConstruct(x interface{}) *bool
- func Standard_IsOwnedResource(construct constructs.IConstruct) *bool
- func Standard_IsResource(construct constructs.IConstruct) *bool
- type ControlFindingGenerator
- type DisableControlOptions
- type Hub
- type HubAttributes
- type HubProps
- type IHub
- type IStandard
- type RuleSet
- type RuleSetProps
- type ScopedRuleSet
- type Standard
- type StandardProps
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Hub_ARN_FORMAT ¶
func Hub_ARN_FORMAT() awscdk.ArnFormat
func Hub_IsConstruct ¶
func Hub_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func Hub_IsOwnedResource ¶
func Hub_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func Hub_IsResource ¶
func Hub_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func NewHub_Override ¶
func NewStandard_Override ¶
func NewStandard_Override(s Standard, scope constructs.IConstruct, id *string, props *StandardProps)
func RuleSet_ARN_FORMAT ¶
func RuleSet_ARN_FORMAT() awscdk.ArnFormat
func Standard_ARN_FORMAT ¶
func Standard_ARN_FORMAT() awscdk.ArnFormat
func Standard_IsConstruct ¶
func Standard_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func Standard_IsOwnedResource ¶
func Standard_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func Standard_IsResource ¶
func Standard_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
Types ¶
type ControlFindingGenerator ¶
type ControlFindingGenerator interface {
Value() *string
}
func ControlFindingGenerator_Of ¶
func ControlFindingGenerator_Of(value *string) ControlFindingGenerator
func ControlFindingGenerator_SECURITY_CONTROL ¶
func ControlFindingGenerator_SECURITY_CONTROL() ControlFindingGenerator
func ControlFindingGenerator_STANDARD_CONTROL ¶
func ControlFindingGenerator_STANDARD_CONTROL() ControlFindingGenerator
type DisableControlOptions ¶
type DisableControlOptions struct {
Reason *string `field:"required" json:"reason" yaml:"reason"`
}
type Hub ¶
type Hub interface { awscdk.Resource IHub AutoEnableControls() *bool ConsolidatedFindings() *bool ControlFindingGenerator() ControlFindingGenerator EnableDefaultStandards() *bool // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment HubArn() *string HubName() *string // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string Resource() awssecurityhub.CfnHub // The stack in which this resource is defined. Stack() awscdk.Stack // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Returns a string representation of this construct. ToString() *string }
type HubAttributes ¶
type HubProps ¶
type HubProps struct { // The AWS account ID this resource belongs to. // Default: - the resource is in the same account as the stack it belongs to. // Account *string `field:"optional" json:"account" yaml:"account"` // ARN to deduce region and account from. // // The ARN is parsed and the account and region are taken from the ARN. // This should be used for imported resources. // // Cannot be supplied together with either `account` or `region`. // Default: - take environment from `account`, `region` parameters, or use Stack environment. // EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"` // The value passed in by users to the physical name prop of the resource. // // - `undefined` implies that a physical name will be allocated by // CloudFormation during deployment. // - a concrete value implies a specific physical name // - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated // by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation. // Default: - The physical name will be allocated by CloudFormation at deployment time. // PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"` // The AWS region this resource belongs to. // Default: - the resource is in the same region as the stack it belongs to. // Region *string `field:"optional" json:"region" yaml:"region"` AutoEnableControls *bool `field:"optional" json:"autoEnableControls" yaml:"autoEnableControls"` ConsolidatedFindings *bool `field:"optional" json:"consolidatedFindings" yaml:"consolidatedFindings"` EnableDefaultStandards *bool `field:"optional" json:"enableDefaultStandards" yaml:"enableDefaultStandards"` }
type IHub ¶
func Hub_FromHubArn ¶
func Hub_FromHubAttributes ¶
func Hub_FromHubAttributes(scope constructs.IConstruct, id *string, attrs *HubAttributes) IHub
func Hub_FromHubName ¶
type IStandard ¶
type IStandard interface {
awscdk.IResource
StandardArn() *string
}
type RuleSet ¶
type RuleSet interface {
Bind(scope constructs.IConstruct) *ScopedRuleSet
}
func RuleSet_CIS_FOUNDATIONS_1_2_0 ¶
func RuleSet_CIS_FOUNDATIONS_1_2_0() RuleSet
func RuleSet_CIS_FOUNDATIONS_1_4_0 ¶
func RuleSet_CIS_FOUNDATIONS_1_4_0() RuleSet
func RuleSet_FOUNDATIONAL_BEST_PRACTICES_1_0_0 ¶
func RuleSet_FOUNDATIONAL_BEST_PRACTICES_1_0_0() RuleSet
func RuleSet_NIST_800_53_5_0_0 ¶
func RuleSet_NIST_800_53_5_0_0() RuleSet
func RuleSet_PCI_DSS_3_2_1 ¶
func RuleSet_PCI_DSS_3_2_1() RuleSet
type RuleSetProps ¶
type RuleSetProps struct { Id *string `field:"required" json:"id" yaml:"id"` Version *string `field:"required" json:"version" yaml:"version"` Default *bool `field:"optional" json:"default" yaml:"default"` Description *string `field:"optional" json:"description" yaml:"description"` Global *bool `field:"optional" json:"global" yaml:"global"` Name *string `field:"optional" json:"name" yaml:"name"` }
type ScopedRuleSet ¶
type ScopedRuleSet struct { Arn *string `field:"required" json:"arn" yaml:"arn"` Id *string `field:"required" json:"id" yaml:"id"` Version *string `field:"required" json:"version" yaml:"version"` Default *bool `field:"optional" json:"default" yaml:"default"` Description *string `field:"optional" json:"description" yaml:"description"` Name *string `field:"optional" json:"name" yaml:"name"` }
type Standard ¶
type Standard interface { awscdk.Resource IStandard // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // The tree node. Node() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string Resource() awssecurityhub.CfnStandard // The stack in which this resource is defined. Stack() awscdk.Stack StandardArn() *string // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) DisableControl(control *string, options *DisableControlOptions) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Returns a string representation of this construct. ToString() *string }
func NewStandard ¶
func NewStandard(scope constructs.IConstruct, id *string, props *StandardProps) Standard
type StandardProps ¶
type StandardProps struct { // The AWS account ID this resource belongs to. // Default: - the resource is in the same account as the stack it belongs to. // Account *string `field:"optional" json:"account" yaml:"account"` // ARN to deduce region and account from. // // The ARN is parsed and the account and region are taken from the ARN. // This should be used for imported resources. // // Cannot be supplied together with either `account` or `region`. // Default: - take environment from `account`, `region` parameters, or use Stack environment. // EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"` // The value passed in by users to the physical name prop of the resource. // // - `undefined` implies that a physical name will be allocated by // CloudFormation during deployment. // - a concrete value implies a specific physical name // - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical will only be generated // by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation. // Default: - The physical name will be allocated by CloudFormation at deployment time. // PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"` // The AWS region this resource belongs to. // Default: - the resource is in the same region as the stack it belongs to. // Region *string `field:"optional" json:"region" yaml:"region"` RuleSet RuleSet `field:"required" json:"ruleSet" yaml:"ruleSet"` DisabledControls *[]*string `field:"optional" json:"disabledControls" yaml:"disabledControls"` }
Source Files ¶
Click to show internal directories.
Click to hide internal directories.