AWS Native v0.109.0, Jun 26 24

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws-native

aws-native.securityhub.ConfigurationPolicy

Explore with Pulumi AI

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws-native

Create ConfigurationPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ConfigurationPolicy(name: string, args: ConfigurationPolicyArgs, opts?: CustomResourceOptions);

@overload
def ConfigurationPolicy(resource_name: str,
                        args: ConfigurationPolicyArgs,
                        opts: Optional[ResourceOptions] = None)

@overload
def ConfigurationPolicy(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        configuration_policy: Optional[ConfigurationPolicyPolicyArgs] = None,
                        description: Optional[str] = None,
                        name: Optional[str] = None,
                        tags: Optional[Mapping[str, str]] = None)

func NewConfigurationPolicy(ctx *Context, name string, args ConfigurationPolicyArgs, opts ...ResourceOption) (*ConfigurationPolicy, error)

public ConfigurationPolicy(string name, ConfigurationPolicyArgs args, CustomResourceOptions? opts = null)

public ConfigurationPolicy(String name, ConfigurationPolicyArgs args)
public ConfigurationPolicy(String name, ConfigurationPolicyArgs args, CustomResourceOptions options)

type: aws-native:securityhub:ConfigurationPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ConfigurationPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ConfigurationPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ConfigurationPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ConfigurationPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ConfigurationPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

ConfigurationPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The ConfigurationPolicy resource accepts the following input properties:

ConfigurationPolicyValue Pulumi.AwsNative.SecurityHub.Inputs.ConfigurationPolicyPolicy: An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
Description string: The description of the configuration policy.
Name string: The name of the configuration policy.
Tags Dictionary<string, string>: User-defined tags associated with a configuration policy. For more information, see Tagging AWS Security Hub resources in the Security Hub user guide .

ConfigurationPolicy ConfigurationPolicyPolicyArgs: An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
Description string: The description of the configuration policy.
Name string: The name of the configuration policy.
Tags map[string]string: User-defined tags associated with a configuration policy. For more information, see Tagging AWS Security Hub resources in the Security Hub user guide .

configurationPolicy ConfigurationPolicyPolicy: An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
description String: The description of the configuration policy.
name String: The name of the configuration policy.
tags Map<String,String>: User-defined tags associated with a configuration policy. For more information, see Tagging AWS Security Hub resources in the Security Hub user guide .

configurationPolicy ConfigurationPolicyPolicy: An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
description string: The description of the configuration policy.
name string: The name of the configuration policy.
tags {[key: string]: string}: User-defined tags associated with a configuration policy. For more information, see Tagging AWS Security Hub resources in the Security Hub user guide .

configuration_policy ConfigurationPolicyPolicyArgs: An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
description str: The description of the configuration policy.
name str: The name of the configuration policy.
tags Mapping[str, str]: User-defined tags associated with a configuration policy. For more information, see Tagging AWS Security Hub resources in the Security Hub user guide .

configurationPolicy Property Map: An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
description String: The description of the configuration policy.
name String: The name of the configuration policy.
tags Map<String>: User-defined tags associated with a configuration policy. For more information, see Tagging AWS Security Hub resources in the Security Hub user guide .

Outputs

All input properties are implicitly available as output properties. Additionally, the ConfigurationPolicy resource produces the following output properties:

Arn string: The Amazon Resource Name (ARN) of the configuration policy.
AwsId string: The universally unique identifier (UUID) of the configuration policy.
CreatedAt string: The date and time, in UTC and ISO 8601 format.
Id string: The provider-assigned unique ID for this managed resource.
ServiceEnabled bool: Indicates whether the service that the configuration policy applies to is enabled in the policy.
UpdatedAt string: The date and time, in UTC and ISO 8601 format.

Arn string: The Amazon Resource Name (ARN) of the configuration policy.
AwsId string: The universally unique identifier (UUID) of the configuration policy.
CreatedAt string: The date and time, in UTC and ISO 8601 format.
Id string: The provider-assigned unique ID for this managed resource.
ServiceEnabled bool: Indicates whether the service that the configuration policy applies to is enabled in the policy.
UpdatedAt string: The date and time, in UTC and ISO 8601 format.

arn String: The Amazon Resource Name (ARN) of the configuration policy.
awsId String: The universally unique identifier (UUID) of the configuration policy.
createdAt String: The date and time, in UTC and ISO 8601 format.
id String: The provider-assigned unique ID for this managed resource.
serviceEnabled Boolean: Indicates whether the service that the configuration policy applies to is enabled in the policy.
updatedAt String: The date and time, in UTC and ISO 8601 format.

arn string: The Amazon Resource Name (ARN) of the configuration policy.
awsId string: The universally unique identifier (UUID) of the configuration policy.
createdAt string: The date and time, in UTC and ISO 8601 format.
id string: The provider-assigned unique ID for this managed resource.
serviceEnabled boolean: Indicates whether the service that the configuration policy applies to is enabled in the policy.
updatedAt string: The date and time, in UTC and ISO 8601 format.

arn str: The Amazon Resource Name (ARN) of the configuration policy.
aws_id str: The universally unique identifier (UUID) of the configuration policy.
created_at str: The date and time, in UTC and ISO 8601 format.
id str: The provider-assigned unique ID for this managed resource.
service_enabled bool: Indicates whether the service that the configuration policy applies to is enabled in the policy.
updated_at str: The date and time, in UTC and ISO 8601 format.

arn String: The Amazon Resource Name (ARN) of the configuration policy.
awsId String: The universally unique identifier (UUID) of the configuration policy.
createdAt String: The date and time, in UTC and ISO 8601 format.
id String: The provider-assigned unique ID for this managed resource.
serviceEnabled Boolean: Indicates whether the service that the configuration policy applies to is enabled in the policy.
updatedAt String: The date and time, in UTC and ISO 8601 format.

Supporting Types

ConfigurationPolicyParameterConfiguration, ConfigurationPolicyParameterConfigurationArgs

ValueType Pulumi.AwsNative.SecurityHub.ConfigurationPolicyParameterConfigurationValueType: Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
Value Pulumi.AwsNative.SecurityHub.Inputs.ConfigurationPolicyParameterValue

ValueType ConfigurationPolicyParameterConfigurationValueType: Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
Value ConfigurationPolicyParameterValue

valueType ConfigurationPolicyParameterConfigurationValueType: Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
value ConfigurationPolicyParameterValue

valueType ConfigurationPolicyParameterConfigurationValueType: Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
value ConfigurationPolicyParameterValue

value_type ConfigurationPolicyParameterConfigurationValueType: Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
value ConfigurationPolicyParameterValue

valueType "DEFAULT" | "CUSTOM": Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
value Property Map

ConfigurationPolicyParameterConfigurationValueType, ConfigurationPolicyParameterConfigurationValueTypeArgs

Default: DEFAULT
Custom: CUSTOM

ConfigurationPolicyParameterConfigurationValueTypeDefault: DEFAULT
ConfigurationPolicyParameterConfigurationValueTypeCustom: CUSTOM

Default: DEFAULT
Custom: CUSTOM

Default: DEFAULT
Custom: CUSTOM

DEFAULT: DEFAULT
CUSTOM: CUSTOM

"DEFAULT": DEFAULT
"CUSTOM": CUSTOM

ConfigurationPolicyParameterValue, ConfigurationPolicyParameterValueArgs

Boolean bool: A control parameter that is a boolean.
Double double: A control parameter that is a double.
Enum string: A control parameter that is an enum.
EnumList List<string>: A control parameter that is a list of enums.
Integer int: A control parameter that is an integer.
IntegerList List<int>: A control parameter that is a list of integers.
String string: A control parameter that is a string.
StringList List<string>: A control parameter that is a list of strings.

Boolean bool: A control parameter that is a boolean.
Double float64: A control parameter that is a double.
Enum string: A control parameter that is an enum.
EnumList []string: A control parameter that is a list of enums.
Integer int: A control parameter that is an integer.
IntegerList []int: A control parameter that is a list of integers.
String string: A control parameter that is a string.
StringList []string: A control parameter that is a list of strings.

boolean_ Boolean: A control parameter that is a boolean.
double_ Double: A control parameter that is a double.
enumList List<String>: A control parameter that is a list of enums.
enum_ String: A control parameter that is an enum.
integer Integer: A control parameter that is an integer.
integerList List<Integer>: A control parameter that is a list of integers.
string String: A control parameter that is a string.
stringList List<String>: A control parameter that is a list of strings.

boolean boolean: A control parameter that is a boolean.
double number: A control parameter that is a double.
enum string: A control parameter that is an enum.
enumList string[]: A control parameter that is a list of enums.
integer number: A control parameter that is an integer.
integerList number[]: A control parameter that is a list of integers.
string string: A control parameter that is a string.
stringList string[]: A control parameter that is a list of strings.

boolean bool: A control parameter that is a boolean.
double float: A control parameter that is a double.
enum str: A control parameter that is an enum.
enum_list Sequence[str]: A control parameter that is a list of enums.
integer int: A control parameter that is an integer.
integer_list Sequence[int]: A control parameter that is a list of integers.
string str: A control parameter that is a string.
string_list Sequence[str]: A control parameter that is a list of strings.

boolean Boolean: A control parameter that is a boolean.
double Number: A control parameter that is a double.
enum String: A control parameter that is an enum.
enumList List<String>: A control parameter that is a list of enums.
integer Number: A control parameter that is an integer.
integerList List<Number>: A control parameter that is a list of integers.
string String: A control parameter that is a string.
stringList List<String>: A control parameter that is a list of strings.

ConfigurationPolicyPolicy, ConfigurationPolicyPolicyArgs

SecurityHub Pulumi.AwsNative.SecurityHub.Inputs.ConfigurationPolicySecurityHubPolicy: The AWS service that the configuration policy applies to.

SecurityHub ConfigurationPolicySecurityHubPolicy: The AWS service that the configuration policy applies to.

securityHub ConfigurationPolicySecurityHubPolicy: The AWS service that the configuration policy applies to.

securityHub ConfigurationPolicySecurityHubPolicy: The AWS service that the configuration policy applies to.

security_hub ConfigurationPolicySecurityHubPolicy: The AWS service that the configuration policy applies to.

securityHub Property Map: The AWS service that the configuration policy applies to.

ConfigurationPolicySecurityControlCustomParameter, ConfigurationPolicySecurityControlCustomParameterArgs

Parameters Dictionary<string, Pulumi.AwsNative.SecurityHub.Inputs.ConfigurationPolicyParameterConfiguration>: An object that specifies parameter values for a control in a configuration policy.
SecurityControlId string: The ID of the security control.

Parameters map[string]ConfigurationPolicyParameterConfiguration: An object that specifies parameter values for a control in a configuration policy.
SecurityControlId string: The ID of the security control.

parameters Map<String,ConfigurationPolicyParameterConfiguration>: An object that specifies parameter values for a control in a configuration policy.
securityControlId String: The ID of the security control.

parameters {[key: string]: ConfigurationPolicyParameterConfiguration}: An object that specifies parameter values for a control in a configuration policy.
securityControlId string: The ID of the security control.

parameters Mapping[str, ConfigurationPolicyParameterConfiguration]: An object that specifies parameter values for a control in a configuration policy.
security_control_id str: The ID of the security control.

parameters Map<Property Map>: An object that specifies parameter values for a control in a configuration policy.
securityControlId String: The ID of the security control.

ConfigurationPolicySecurityControlsConfiguration, ConfigurationPolicySecurityControlsConfigurationArgs

DisabledSecurityControlIdentifiers List<string>: A list of security controls that are disabled in the configuration policy
EnabledSecurityControlIdentifiers List<string>: A list of security controls that are enabled in the configuration policy.
SecurityControlCustomParameters List<Pulumi.AwsNative.SecurityHub.Inputs.ConfigurationPolicySecurityControlCustomParameter>: A list of security controls and control parameter values that are included in a configuration policy.

DisabledSecurityControlIdentifiers []string: A list of security controls that are disabled in the configuration policy
EnabledSecurityControlIdentifiers []string: A list of security controls that are enabled in the configuration policy.
SecurityControlCustomParameters []ConfigurationPolicySecurityControlCustomParameter: A list of security controls and control parameter values that are included in a configuration policy.

disabledSecurityControlIdentifiers List<String>: A list of security controls that are disabled in the configuration policy
enabledSecurityControlIdentifiers List<String>: A list of security controls that are enabled in the configuration policy.
securityControlCustomParameters List<ConfigurationPolicySecurityControlCustomParameter>: A list of security controls and control parameter values that are included in a configuration policy.

disabledSecurityControlIdentifiers string[]: A list of security controls that are disabled in the configuration policy
enabledSecurityControlIdentifiers string[]: A list of security controls that are enabled in the configuration policy.
securityControlCustomParameters ConfigurationPolicySecurityControlCustomParameter[]: A list of security controls and control parameter values that are included in a configuration policy.

disabled_security_control_identifiers Sequence[str]: A list of security controls that are disabled in the configuration policy
enabled_security_control_identifiers Sequence[str]: A list of security controls that are enabled in the configuration policy.
security_control_custom_parameters Sequence[ConfigurationPolicySecurityControlCustomParameter]: A list of security controls and control parameter values that are included in a configuration policy.

disabledSecurityControlIdentifiers List<String>: A list of security controls that are disabled in the configuration policy
enabledSecurityControlIdentifiers List<String>: A list of security controls that are enabled in the configuration policy.
securityControlCustomParameters List<Property Map>: A list of security controls and control parameter values that are included in a configuration policy.

ConfigurationPolicySecurityHubPolicy, ConfigurationPolicySecurityHubPolicyArgs

EnabledStandardIdentifiers List<string>: A list that defines which security standards are enabled in the configuration policy.
SecurityControlsConfiguration Pulumi.AwsNative.SecurityHub.Inputs.ConfigurationPolicySecurityControlsConfiguration: An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
ServiceEnabled bool: Indicates whether Security Hub is enabled in the policy.

EnabledStandardIdentifiers []string: A list that defines which security standards are enabled in the configuration policy.
SecurityControlsConfiguration ConfigurationPolicySecurityControlsConfiguration: An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
ServiceEnabled bool: Indicates whether Security Hub is enabled in the policy.

enabledStandardIdentifiers List<String>: A list that defines which security standards are enabled in the configuration policy.
securityControlsConfiguration ConfigurationPolicySecurityControlsConfiguration: An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
serviceEnabled Boolean: Indicates whether Security Hub is enabled in the policy.

enabledStandardIdentifiers string[]: A list that defines which security standards are enabled in the configuration policy.
securityControlsConfiguration ConfigurationPolicySecurityControlsConfiguration: An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
serviceEnabled boolean: Indicates whether Security Hub is enabled in the policy.

enabled_standard_identifiers Sequence[str]: A list that defines which security standards are enabled in the configuration policy.
security_controls_configuration ConfigurationPolicySecurityControlsConfiguration: An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
service_enabled bool: Indicates whether Security Hub is enabled in the policy.

enabledStandardIdentifiers List<String>: A list that defines which security standards are enabled in the configuration policy.
securityControlsConfiguration Property Map: An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
serviceEnabled Boolean: Indicates whether Security Hub is enabled in the policy.

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws-native

aws-native.securityhub.ConfigurationPolicy

On this page

On this page

Create ConfigurationPolicy Resource

Constructor syntax

Parameters

ConfigurationPolicy Resource Properties

Inputs

Outputs

Supporting Types

ConfigurationPolicyParameterConfiguration, ConfigurationPolicyParameterConfigurationArgs

ConfigurationPolicyParameterConfigurationValueType, ConfigurationPolicyParameterConfigurationValueTypeArgs

ConfigurationPolicyParameterValue, ConfigurationPolicyParameterValueArgs

ConfigurationPolicyPolicy, ConfigurationPolicyPolicyArgs

ConfigurationPolicySecurityControlCustomParameter, ConfigurationPolicySecurityControlCustomParameterArgs

ConfigurationPolicySecurityControlsConfiguration, ConfigurationPolicySecurityControlsConfigurationArgs

ConfigurationPolicySecurityHubPolicy, ConfigurationPolicySecurityHubPolicyArgs

Package Details

On this page

On this page