aws-native.securityhub.SecurityControl

Explore with Pulumi AI

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-aws-native

Create SecurityControl Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SecurityControl(name: string, args: SecurityControlArgs, opts?: CustomResourceOptions);

@overload
def SecurityControl(resource_name: str,
                    args: SecurityControlArgs,
                    opts: Optional[ResourceOptions] = None)

@overload
def SecurityControl(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    parameters: Optional[Mapping[str, SecurityControlParameterConfigurationArgs]] = None,
                    last_update_reason: Optional[str] = None,
                    security_control_arn: Optional[str] = None,
                    security_control_id: Optional[str] = None)

func NewSecurityControl(ctx *Context, name string, args SecurityControlArgs, opts ...ResourceOption) (*SecurityControl, error)

public SecurityControl(string name, SecurityControlArgs args, CustomResourceOptions? opts = null)

public SecurityControl(String name, SecurityControlArgs args)
public SecurityControl(String name, SecurityControlArgs args, CustomResourceOptions options)

type: aws-native:securityhub:SecurityControl
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SecurityControlArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SecurityControlArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SecurityControlArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecurityControlArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SecurityControlArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

SecurityControl Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The SecurityControl resource accepts the following input properties:

Parameters Dictionary<string, Pulumi.AwsNative.SecurityHub.Inputs.SecurityControlParameterConfigurationArgs>: An object that identifies the name of a control parameter, its current value, and whether it has been customized.
LastUpdateReason string: The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
SecurityControlArn string: The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
SecurityControlId string: The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.

Parameters map[string]SecurityControlParameterConfigurationArgs: An object that identifies the name of a control parameter, its current value, and whether it has been customized.
LastUpdateReason string: The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
SecurityControlArn string: The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
SecurityControlId string: The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.

parameters Map<String,SecurityControlParameterConfigurationArgs>: An object that identifies the name of a control parameter, its current value, and whether it has been customized.
lastUpdateReason String: The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
securityControlArn String: The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
securityControlId String: The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.

parameters {[key: string]: SecurityControlParameterConfigurationArgs}: An object that identifies the name of a control parameter, its current value, and whether it has been customized.
lastUpdateReason string: The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
securityControlArn string: The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
securityControlId string: The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.

parameters Mapping[str, SecurityControlParameterConfigurationArgs]: An object that identifies the name of a control parameter, its current value, and whether it has been customized.
last_update_reason str: The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
security_control_arn str: The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
security_control_id str: The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.

parameters Map<Property Map>: An object that identifies the name of a control parameter, its current value, and whether it has been customized.
lastUpdateReason String: The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
securityControlArn String: The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
securityControlId String: The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.

Outputs

All input properties are implicitly available as output properties. Additionally, the SecurityControl resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Supporting Types

SecurityControlParameterConfiguration, SecurityControlParameterConfigurationArgs

ValueType Pulumi.AwsNative.SecurityHub.SecurityControlParameterConfigurationValueType

Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.

When ValueType is set equal to DEFAULT , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When ValueType is set equal to DEFAULT , Security Hub ignores user-provided input for the Value field.

When ValueType is set equal to CUSTOM , the Value field can't be empty.

Value Pulumi.AwsNative.SecurityHub.Inputs.SecurityControlParameterValue