securityhub

package
v0.0.96 Latest
Warning

This package is not in the latest version of its module.

Published: Nov 22, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Hub_ARN_FORMAT

func Hub_ARN_FORMAT() awscdk.ArnFormat

func Hub_IsConstruct

func Hub_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func Hub_IsOwnedResource

func Hub_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func Hub_IsResource

func Hub_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func NewHub_Override

func NewHub_Override(h Hub, scope constructs.IConstruct, id *string, props *HubProps)

func NewStandard_Override

func NewStandard_Override(s Standard, scope constructs.IConstruct, id *string, props *StandardProps)

func RuleSet_ARN_FORMAT

func RuleSet_ARN_FORMAT() awscdk.ArnFormat

func Standard_ARN_FORMAT

func Standard_ARN_FORMAT() awscdk.ArnFormat

func Standard_IsConstruct

func Standard_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.

func Standard_IsOwnedResource

func Standard_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func Standard_IsResource

func Standard_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

Types

type ControlFindingGenerator

// ControlFindingGenerator wraps a string setting that is read back through Value().
//
// Instances come from ControlFindingGenerator_SECURITY_CONTROL,
// ControlFindingGenerator_STANDARD_CONTROL or ControlFindingGenerator_Of.
//
// NOTE(review): presumably this selects whether a control that fails in several
// standards is reported as one consolidated finding or as one finding per
// standard — confirm against the module source. ControlFindingGenerator_Of
// takes an arbitrary string, and no validation of that string is visible on
// this page, so prefer the two named instances.
type ControlFindingGenerator interface {
	// Value returns the setting as a string pointer.
	Value() *string
}

func ControlFindingGenerator_Of

func ControlFindingGenerator_Of(value *string) ControlFindingGenerator

func ControlFindingGenerator_SECURITY_CONTROL

func ControlFindingGenerator_SECURITY_CONTROL() ControlFindingGenerator

func ControlFindingGenerator_STANDARD_CONTROL

func ControlFindingGenerator_STANDARD_CONTROL() ControlFindingGenerator

type DisableControlOptions

// DisableControlOptions is the options argument of Standard.DisableControl.
//
// Reason is its only field and is tagged required, so a control disabled
// through DisableControl is expected to carry a written justification.
// Treat the text as an audit record: state the accepted risk or the
// compensating control, so a later review can tell why coverage was reduced.
type DisableControlOptions struct {
	// Reason is the justification for disabling the control.
	Reason *string `field:"required" json:"reason" yaml:"reason"`
}

type Hub

// Hub is the construct type returned by NewHub.
//
// It embeds awscdk.Resource and IHub, and exposes the lower-level
// awssecurityhub.CfnHub through Resource().
type Hub interface {
	awscdk.Resource
	IHub
	// AutoEnableControls, ConsolidatedFindings and EnableDefaultStandards share
	// their names with the optional HubProps fields.
	// NOTE(review): presumably each reports the value the hub was configured
	// with, after defaults are applied — confirm; no default is stated on this page.
	AutoEnableControls() *bool
	ConsolidatedFindings() *bool
	// NOTE(review): HubProps has no field of this name; presumably the value is
	// derived from ConsolidatedFindings — confirm against the module source.
	ControlFindingGenerator() ControlFindingGenerator
	EnableDefaultStandards() *bool
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// HubArn and HubName are the two methods IHub also declares.
	HubArn() *string
	HubName() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// Resource returns the awssecurityhub.CfnHub behind this construct.
	// NOTE(review): presumably the CloudFormation-level resource that is
	// synthesized; changes made directly on it bypass this type's own
	// accessors — confirm.
	Resource() awssecurityhub.CfnHub
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// NOTE(review): undocumented on this page; returns a string pointer.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewHub

func NewHub(scope constructs.IConstruct, id *string, props *HubProps) Hub

type HubAttributes

// HubAttributes is the attrs argument of Hub_FromHubAttributes, which returns
// an IHub for a hub identified by these attributes.
//
// Both fields are tagged optional.
// NOTE(review): the page does not say what happens when neither is set, or
// when the two disagree; presumably at least one is needed to identify the
// hub — confirm before relying on either case.
type HubAttributes struct {
	// Arn is the hub's ARN.
	Arn  *string `field:"optional" json:"arn" yaml:"arn"`
	// Name is the hub's name.
	Name *string `field:"optional" json:"name" yaml:"name"`
}

type HubProps

// HubProps is the props argument of NewHub. Every field is tagged optional.
//
// Account, EnvironmentFromArn, PhysicalName and Region place and name the
// resource; AutoEnableControls, ConsolidatedFindings and EnableDefaultStandards
// configure the hub itself.
type HubProps struct {
	// The AWS account ID this resource belongs to.
	// Default: - the resource is in the same account as the stack it belongs to.
	//
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	// Default: - take environment from `account`, `region` parameters, or use Stack environment.
	//
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical name will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	// Default: - The physical name will be allocated by CloudFormation at deployment time.
	//
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	// Default: - the resource is in the same region as the stack it belongs to.
	//
	// The three switches below have no description and no stated default on
	// this page.
	// NOTE(review): going by the names, they presumably control whether new
	// controls are enabled automatically, whether findings are consolidated
	// across standards, and whether the default standards are enabled when the
	// hub is created — confirm. Because they determine how much detection
	// coverage is active after deployment, set each one explicitly rather than
	// depending on an undocumented default.
	Region                 *string `field:"optional" json:"region" yaml:"region"`
	AutoEnableControls     *bool   `field:"optional" json:"autoEnableControls" yaml:"autoEnableControls"`
	ConsolidatedFindings   *bool   `field:"optional" json:"consolidatedFindings" yaml:"consolidatedFindings"`
	EnableDefaultStandards *bool   `field:"optional" json:"enableDefaultStandards" yaml:"enableDefaultStandards"`
}

type IHub

// IHub is the minimal view of a hub: its ARN and its name.
//
// It is the return type of Hub_FromHubArn, Hub_FromHubAttributes and
// Hub_FromHubName, and is embedded in Hub. It declares none of Hub's
// configuration accessors or Resource(), so a value obtained from a
// Hub_From* function exposes only these two identifiers.
type IHub interface {
	// HubArn returns the hub's ARN.
	HubArn() *string
	// HubName returns the hub's name.
	HubName() *string
}

func Hub_FromHubArn

func Hub_FromHubArn(scope constructs.IConstruct, id *string, arn *string) IHub

func Hub_FromHubAttributes

func Hub_FromHubAttributes(scope constructs.IConstruct, id *string, attrs *HubAttributes) IHub

func Hub_FromHubName

func Hub_FromHubName(scope constructs.IConstruct, id *string, name *string) IHub

type IStandard

// IStandard is an awscdk.IResource that additionally reports a standard's ARN.
//
// It is the return type of Standard_FromStandardArn and is embedded in
// Standard. It does not declare DisableControl, so controls cannot be
// disabled through a value of this type alone.
type IStandard interface {
	awscdk.IResource
	// StandardArn returns the standard's ARN.
	StandardArn() *string
}

func Standard_FromStandardArn

func Standard_FromStandardArn(scope constructs.IConstruct, id *string, arn *string) IStandard

type RuleSet

// RuleSet is the value supplied in the required StandardProps.RuleSet field.
//
// The page lists five ready-made instances: RuleSet_CIS_FOUNDATIONS_1_2_0,
// RuleSet_CIS_FOUNDATIONS_1_4_0, RuleSet_FOUNDATIONAL_BEST_PRACTICES_1_0_0,
// RuleSet_NIST_800_53_5_0_0 and RuleSet_PCI_DSS_3_2_1.
// NOTE(review): the trailing numbers presumably encode the standard's
// version (for example 1_4_0 for v1.4.0) — confirm, and pin the version your
// compliance baseline actually requires.
type RuleSet interface {
	// Bind returns a *ScopedRuleSet for the given scope. ScopedRuleSet has an
	// Arn field that RuleSetProps lacks.
	// NOTE(review): presumably Bind resolves the rule set's ARN for the
	// scope's environment — confirm.
	Bind(scope constructs.IConstruct) *ScopedRuleSet
}

func RuleSet_CIS_FOUNDATIONS_1_2_0

func RuleSet_CIS_FOUNDATIONS_1_2_0() RuleSet

func RuleSet_CIS_FOUNDATIONS_1_4_0

func RuleSet_CIS_FOUNDATIONS_1_4_0() RuleSet

func RuleSet_FOUNDATIONAL_BEST_PRACTICES_1_0_0

func RuleSet_FOUNDATIONAL_BEST_PRACTICES_1_0_0() RuleSet

func RuleSet_NIST_800_53_5_0_0

func RuleSet_NIST_800_53_5_0_0() RuleSet

func RuleSet_PCI_DSS_3_2_1

func RuleSet_PCI_DSS_3_2_1() RuleSet

type RuleSetProps

// RuleSetProps describes a rule set by identifier and version.
//
// Id and Version are tagged required; the remaining fields are optional.
// NOTE(review): no function on this page accepts RuleSetProps, so how a
// custom RuleSet is built from it is not shown here.
type RuleSetProps struct {
	// Id and Version together identify the rule set.
	Id          *string `field:"required" json:"id" yaml:"id"`
	Version     *string `field:"required" json:"version" yaml:"version"`
	// NOTE(review): presumably marks a rule set that is enabled by default — confirm.
	Default     *bool   `field:"optional" json:"default" yaml:"default"`
	Description *string `field:"optional" json:"description" yaml:"description"`
	// NOTE(review): Global has no counterpart in ScopedRuleSet; presumably it
	// affects whether the resolved ARN is region-specific — confirm.
	Global      *bool   `field:"optional" json:"global" yaml:"global"`
	Name        *string `field:"optional" json:"name" yaml:"name"`
}

type ScopedRuleSet

// ScopedRuleSet is the result type of RuleSet.Bind.
//
// Compared with RuleSetProps it adds a required Arn and has no Global field.
type ScopedRuleSet struct {
	// Arn is the rule set's ARN.
	// NOTE(review): presumably resolved for the scope passed to Bind — confirm.
	Arn         *string `field:"required" json:"arn" yaml:"arn"`
	// Id and Version together identify the rule set.
	Id          *string `field:"required" json:"id" yaml:"id"`
	Version     *string `field:"required" json:"version" yaml:"version"`
	Default     *bool   `field:"optional" json:"default" yaml:"default"`
	Description *string `field:"optional" json:"description" yaml:"description"`
	Name        *string `field:"optional" json:"name" yaml:"name"`
}

type Standard

// Standard is the construct type returned by NewStandard.
//
// It embeds awscdk.Resource and IStandard, exposes the lower-level
// awssecurityhub.CfnStandard through Resource(), and adds DisableControl for
// switching off individual controls.
type Standard interface {
	awscdk.Resource
	IStandard
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// Resource returns the awssecurityhub.CfnStandard behind this construct.
	// NOTE(review): presumably the CloudFormation-level resource that is
	// synthesized — confirm.
	Resource() awssecurityhub.CfnStandard
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// StandardArn is the method IStandard also declares.
	StandardArn() *string
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// DisableControl takes a control identifier and a DisableControlOptions
	// whose Reason field is tagged required.
	// NOTE(review): presumably this disables the named control within this
	// standard, which would stop it from producing findings — confirm. Each
	// call narrows detection coverage, so keep the calls few, reviewed, and
	// justified by a specific Reason. The expected format of `control` is not
	// shown on this page.
	DisableControl(control *string, options *DisableControlOptions)
	// NOTE(review): undocumented on this page; returns a string pointer.
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

func NewStandard

func NewStandard(scope constructs.IConstruct, id *string, props *StandardProps) Standard

type StandardProps

// StandardProps is the props argument of NewStandard.
//
// RuleSet is the only field tagged required; it selects which standard the
// construct represents. All other fields are optional.
type StandardProps struct {
	// The AWS account ID this resource belongs to.
	// Default: - the resource is in the same account as the stack it belongs to.
	//
	Account *string `field:"optional" json:"account" yaml:"account"`
	// ARN to deduce region and account from.
	//
	// The ARN is parsed and the account and region are taken from the ARN.
	// This should be used for imported resources.
	//
	// Cannot be supplied together with either `account` or `region`.
	// Default: - take environment from `account`, `region` parameters, or use Stack environment.
	//
	EnvironmentFromArn *string `field:"optional" json:"environmentFromArn" yaml:"environmentFromArn"`
	// The value passed in by users to the physical name prop of the resource.
	//
	// - `undefined` implies that a physical name will be allocated by
	//   CloudFormation during deployment.
	// - a concrete value implies a specific physical name
	// - `PhysicalName.GENERATE_IF_NEEDED` is a marker that indicates that a physical name will only be generated
	//   by the CDK if it is needed for cross-environment references. Otherwise, it will be allocated by CloudFormation.
	// Default: - The physical name will be allocated by CloudFormation at deployment time.
	//
	PhysicalName *string `field:"optional" json:"physicalName" yaml:"physicalName"`
	// The AWS region this resource belongs to.
	// Default: - the resource is in the same region as the stack it belongs to.
	//
	// RuleSet (required) is the standard to enable. DisabledControls
	// (optional) is a plain list of strings.
	// NOTE(review): unlike Standard.DisableControl, whose options carry a
	// required Reason, DisabledControls has no place for a per-control
	// justification; what reason, if any, is recorded for controls listed
	// here is not shown on this page — confirm, and prefer DisableControl
	// where an audit trail for each exception is needed.
	Region           *string    `field:"optional" json:"region" yaml:"region"`
	RuleSet          RuleSet    `field:"required" json:"ruleSet" yaml:"ruleSet"`
	DisabledControls *[]*string `field:"optional" json:"disabledControls" yaml:"disabledControls"`
}
