Try AWS Native preview for resources not in the classic version.
aws.securityhub.Insight
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
Provides a Security Hub custom insight resource. See the Managing custom insights section of the AWS User Guide for more information.
Example Usage
Filter by AWS account ID
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.securityhub.Account("example", {});
const exampleInsight = new aws.securityhub.Insight("example", {
filters: {
awsAccountIds: [
{
comparison: "EQUALS",
value: "1234567890",
},
{
comparison: "EQUALS",
value: "09876543210",
},
],
},
groupByAttribute: "AwsAccountId",
name: "example-insight",
}, {
dependsOn: [example],
});
import pulumi
import pulumi_aws as aws
example = aws.securityhub.Account("example")
example_insight = aws.securityhub.Insight("example",
filters={
"awsAccountIds": [
{
"comparison": "EQUALS",
"value": "1234567890",
},
{
"comparison": "EQUALS",
"value": "09876543210",
},
],
},
group_by_attribute="AwsAccountId",
name="example-insight",
opts = pulumi.ResourceOptions(depends_on=[example]))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := securityhub.NewAccount(ctx, "example", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
AwsAccountIds: securityhub.InsightFiltersAwsAccountIdArray{
&securityhub.InsightFiltersAwsAccountIdArgs{
Comparison: pulumi.String("EQUALS"),
Value: pulumi.String("1234567890"),
},
&securityhub.InsightFiltersAwsAccountIdArgs{
Comparison: pulumi.String("EQUALS"),
Value: pulumi.String("09876543210"),
},
},
},
GroupByAttribute: pulumi.String("AwsAccountId"),
Name: pulumi.String("example-insight"),
}, pulumi.DependsOn([]pulumi.Resource{
example,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.SecurityHub.Account("example");
var exampleInsight = new Aws.SecurityHub.Insight("example", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
AwsAccountIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs
{
Comparison = "EQUALS",
Value = "1234567890",
},
new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs
{
Comparison = "EQUALS",
Value = "09876543210",
},
},
},
GroupByAttribute = "AwsAccountId",
Name = "example-insight",
}, new CustomResourceOptions
{
DependsOn =
{
example,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Account("example");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.awsAccountIds(
InsightFiltersAwsAccountIdArgs.builder()
.comparison("EQUALS")
.value("1234567890")
.build(),
InsightFiltersAwsAccountIdArgs.builder()
.comparison("EQUALS")
.value("09876543210")
.build())
.build())
.groupByAttribute("AwsAccountId")
.name("example-insight")
.build(), CustomResourceOptions.builder()
.dependsOn(example)
.build());
}
}
resources:
example:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
name: example
properties:
filters:
awsAccountIds:
- comparison: EQUALS
value: '1234567890'
- comparison: EQUALS
value: '09876543210'
groupByAttribute: AwsAccountId
name: example-insight
options:
dependson:
- ${example}
Filter by date range
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.securityhub.Account("example", {});
const exampleInsight = new aws.securityhub.Insight("example", {
filters: {
createdAts: [{
dateRange: {
unit: "DAYS",
value: 5,
},
}],
},
groupByAttribute: "CreatedAt",
name: "example-insight",
}, {
dependsOn: [example],
});
import pulumi
import pulumi_aws as aws
example = aws.securityhub.Account("example")
example_insight = aws.securityhub.Insight("example",
filters={
"createdAts": [{
"dateRange": {
"unit": "DAYS",
"value": 5,
},
}],
},
group_by_attribute="CreatedAt",
name="example-insight",
opts = pulumi.ResourceOptions(depends_on=[example]))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := securityhub.NewAccount(ctx, "example", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
CreatedAts: securityhub.InsightFiltersCreatedAtArray{
&securityhub.InsightFiltersCreatedAtArgs{
DateRange: &securityhub.InsightFiltersCreatedAtDateRangeArgs{
Unit: pulumi.String("DAYS"),
Value: pulumi.Int(5),
},
},
},
},
GroupByAttribute: pulumi.String("CreatedAt"),
Name: pulumi.String("example-insight"),
}, pulumi.DependsOn([]pulumi.Resource{
example,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.SecurityHub.Account("example");
var exampleInsight = new Aws.SecurityHub.Insight("example", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
CreatedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtDateRangeArgs
{
Unit = "DAYS",
Value = 5,
},
},
},
},
GroupByAttribute = "CreatedAt",
Name = "example-insight",
}, new CustomResourceOptions
{
DependsOn =
{
example,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Account("example");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.createdAts(InsightFiltersCreatedAtArgs.builder()
.dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()
.unit("DAYS")
.value(5)
.build())
.build())
.build())
.groupByAttribute("CreatedAt")
.name("example-insight")
.build(), CustomResourceOptions.builder()
.dependsOn(example)
.build());
}
}
resources:
example:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
name: example
properties:
filters:
createdAts:
- dateRange:
unit: DAYS
value: 5
groupByAttribute: CreatedAt
name: example-insight
options:
dependson:
- ${example}
Filter by destination IPv4 address
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.securityhub.Account("example", {});
const exampleInsight = new aws.securityhub.Insight("example", {
filters: {
networkDestinationIpv4s: [{
cidr: "10.0.0.0/16",
}],
},
groupByAttribute: "NetworkDestinationIpV4",
name: "example-insight",
}, {
dependsOn: [example],
});
import pulumi
import pulumi_aws as aws
example = aws.securityhub.Account("example")
example_insight = aws.securityhub.Insight("example",
filters={
"networkDestinationIpv4s": [{
"cidr": "10.0.0.0/16",
}],
},
group_by_attribute="NetworkDestinationIpV4",
name="example-insight",
opts = pulumi.ResourceOptions(depends_on=[example]))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := securityhub.NewAccount(ctx, "example", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
NetworkDestinationIpv4s: securityhub.InsightFiltersNetworkDestinationIpv4Array{
&securityhub.InsightFiltersNetworkDestinationIpv4Args{
Cidr: pulumi.String("10.0.0.0/16"),
},
},
},
GroupByAttribute: pulumi.String("NetworkDestinationIpV4"),
Name: pulumi.String("example-insight"),
}, pulumi.DependsOn([]pulumi.Resource{
example,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.SecurityHub.Account("example");
var exampleInsight = new Aws.SecurityHub.Insight("example", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
NetworkDestinationIpv4s = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv4Args
{
Cidr = "10.0.0.0/16",
},
},
},
GroupByAttribute = "NetworkDestinationIpV4",
Name = "example-insight",
}, new CustomResourceOptions
{
DependsOn =
{
example,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Account("example");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()
.cidr("10.0.0.0/16")
.build())
.build())
.groupByAttribute("NetworkDestinationIpV4")
.name("example-insight")
.build(), CustomResourceOptions.builder()
.dependsOn(example)
.build());
}
}
resources:
example:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
name: example
properties:
filters:
networkDestinationIpv4s:
- cidr: 10.0.0.0/16
groupByAttribute: NetworkDestinationIpV4
name: example-insight
options:
dependson:
- ${example}
Filter by finding’s confidence
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.securityhub.Account("example", {});
const exampleInsight = new aws.securityhub.Insight("example", {
filters: {
confidences: [{
gte: "80",
}],
},
groupByAttribute: "Confidence",
name: "example-insight",
}, {
dependsOn: [example],
});
import pulumi
import pulumi_aws as aws
example = aws.securityhub.Account("example")
example_insight = aws.securityhub.Insight("example",
filters={
"confidences": [{
"gte": "80",
}],
},
group_by_attribute="Confidence",
name="example-insight",
opts = pulumi.ResourceOptions(depends_on=[example]))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := securityhub.NewAccount(ctx, "example", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
Confidences: securityhub.InsightFiltersConfidenceArray{
&securityhub.InsightFiltersConfidenceArgs{
Gte: pulumi.String("80"),
},
},
},
GroupByAttribute: pulumi.String("Confidence"),
Name: pulumi.String("example-insight"),
}, pulumi.DependsOn([]pulumi.Resource{
example,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.SecurityHub.Account("example");
var exampleInsight = new Aws.SecurityHub.Insight("example", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
Confidences = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersConfidenceArgs
{
Gte = "80",
},
},
},
GroupByAttribute = "Confidence",
Name = "example-insight",
}, new CustomResourceOptions
{
DependsOn =
{
example,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Account("example");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.confidences(InsightFiltersConfidenceArgs.builder()
.gte("80")
.build())
.build())
.groupByAttribute("Confidence")
.name("example-insight")
.build(), CustomResourceOptions.builder()
.dependsOn(example)
.build());
}
}
resources:
example:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
name: example
properties:
filters:
confidences:
- gte: '80'
groupByAttribute: Confidence
name: example-insight
options:
dependson:
- ${example}
Filter by resource tags
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.securityhub.Account("example", {});
const exampleInsight = new aws.securityhub.Insight("example", {
filters: {
resourceTags: [{
comparison: "EQUALS",
key: "Environment",
value: "Production",
}],
},
groupByAttribute: "ResourceTags",
name: "example-insight",
}, {
dependsOn: [example],
});
import pulumi
import pulumi_aws as aws
example = aws.securityhub.Account("example")
example_insight = aws.securityhub.Insight("example",
filters={
"resourceTags": [{
"comparison": "EQUALS",
"key": "Environment",
"value": "Production",
}],
},
group_by_attribute="ResourceTags",
name="example-insight",
opts = pulumi.ResourceOptions(depends_on=[example]))
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := securityhub.NewAccount(ctx, "example", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
ResourceTags: securityhub.InsightFiltersResourceTagArray{
&securityhub.InsightFiltersResourceTagArgs{
Comparison: pulumi.String("EQUALS"),
Key: pulumi.String("Environment"),
Value: pulumi.String("Production"),
},
},
},
GroupByAttribute: pulumi.String("ResourceTags"),
Name: pulumi.String("example-insight"),
}, pulumi.DependsOn([]pulumi.Resource{
example,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.SecurityHub.Account("example");
var exampleInsight = new Aws.SecurityHub.Insight("example", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
ResourceTags = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceTagArgs
{
Comparison = "EQUALS",
Key = "Environment",
Value = "Production",
},
},
},
GroupByAttribute = "ResourceTags",
Name = "example-insight",
}, new CustomResourceOptions
{
DependsOn =
{
example,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Account("example");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.resourceTags(InsightFiltersResourceTagArgs.builder()
.comparison("EQUALS")
.key("Environment")
.value("Production")
.build())
.build())
.groupByAttribute("ResourceTags")
.name("example-insight")
.build(), CustomResourceOptions.builder()
.dependsOn(example)
.build());
}
}
resources:
example:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
name: example
properties:
filters:
resourceTags:
- comparison: EQUALS
key: Environment
value: Production
groupByAttribute: ResourceTags
name: example-insight
options:
dependson:
- ${example}
Create Insight Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Insight(name: string, args: InsightArgs, opts?: CustomResourceOptions);
@overload
def Insight(resource_name: str,
args: InsightArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Insight(resource_name: str,
opts: Optional[ResourceOptions] = None,
filters: Optional[InsightFiltersArgs] = None,
group_by_attribute: Optional[str] = None,
name: Optional[str] = None)
func NewInsight(ctx *Context, name string, args InsightArgs, opts ...ResourceOption) (*Insight, error)
public Insight(string name, InsightArgs args, CustomResourceOptions? opts = null)
public Insight(String name, InsightArgs args)
public Insight(String name, InsightArgs args, CustomResourceOptions options)
type: aws:securityhub:Insight
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var insightResource = new Aws.SecurityHub.Insight("insightResource", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
AwsAccountIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs
{
Comparison = "string",
Value = "string",
},
},
CompanyNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersCompanyNameArgs
{
Comparison = "string",
Value = "string",
},
},
ComplianceStatuses = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersComplianceStatusArgs
{
Comparison = "string",
Value = "string",
},
},
Confidences = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersConfidenceArgs
{
Eq = "string",
Gte = "string",
Lte = "string",
},
},
CreatedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
Criticalities = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersCriticalityArgs
{
Eq = "string",
Gte = "string",
Lte = "string",
},
},
Descriptions = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersDescriptionArgs
{
Comparison = "string",
Value = "string",
},
},
FindingProviderFieldsConfidences = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsConfidenceArgs
{
Eq = "string",
Gte = "string",
Lte = "string",
},
},
FindingProviderFieldsCriticalities = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsCriticalityArgs
{
Eq = "string",
Gte = "string",
Lte = "string",
},
},
FindingProviderFieldsRelatedFindingsIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsRelatedFindingsIdArgs
{
Comparison = "string",
Value = "string",
},
},
FindingProviderFieldsRelatedFindingsProductArns = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArgs
{
Comparison = "string",
Value = "string",
},
},
FindingProviderFieldsSeverityLabels = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsSeverityLabelArgs
{
Comparison = "string",
Value = "string",
},
},
FindingProviderFieldsSeverityOriginals = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsSeverityOriginalArgs
{
Comparison = "string",
Value = "string",
},
},
FindingProviderFieldsTypes = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsTypeArgs
{
Comparison = "string",
Value = "string",
},
},
FirstObservedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersFirstObservedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersFirstObservedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
GeneratorIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersGeneratorIdArgs
{
Comparison = "string",
Value = "string",
},
},
Ids = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersIdArgs
{
Comparison = "string",
Value = "string",
},
},
Keywords = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersKeywordArgs
{
Value = "string",
},
},
LastObservedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersLastObservedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersLastObservedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
MalwareNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersMalwareNameArgs
{
Comparison = "string",
Value = "string",
},
},
MalwarePaths = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersMalwarePathArgs
{
Comparison = "string",
Value = "string",
},
},
MalwareStates = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersMalwareStateArgs
{
Comparison = "string",
Value = "string",
},
},
MalwareTypes = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersMalwareTypeArgs
{
Comparison = "string",
Value = "string",
},
},
NetworkDestinationDomains = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationDomainArgs
{
Comparison = "string",
Value = "string",
},
},
NetworkDestinationIpv4s = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv4Args
{
Cidr = "string",
},
},
NetworkDestinationIpv6s = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv6Args
{
Cidr = "string",
},
},
NetworkDestinationPorts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationPortArgs
{
Eq = "string",
Gte = "string",
Lte = "string",
},
},
NetworkDirections = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkDirectionArgs
{
Comparison = "string",
Value = "string",
},
},
NetworkProtocols = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkProtocolArgs
{
Comparison = "string",
Value = "string",
},
},
NetworkSourceDomains = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourceDomainArgs
{
Comparison = "string",
Value = "string",
},
},
NetworkSourceIpv4s = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourceIpv4Args
{
Cidr = "string",
},
},
NetworkSourceIpv6s = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourceIpv6Args
{
Cidr = "string",
},
},
NetworkSourceMacs = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourceMacArgs
{
Comparison = "string",
Value = "string",
},
},
NetworkSourcePorts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourcePortArgs
{
Eq = "string",
Gte = "string",
Lte = "string",
},
},
NoteTexts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNoteTextArgs
{
Comparison = "string",
Value = "string",
},
},
NoteUpdatedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNoteUpdatedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersNoteUpdatedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
NoteUpdatedBies = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNoteUpdatedByArgs
{
Comparison = "string",
Value = "string",
},
},
ProcessLaunchedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProcessLaunchedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersProcessLaunchedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
ProcessNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProcessNameArgs
{
Comparison = "string",
Value = "string",
},
},
ProcessParentPids = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProcessParentPidArgs
{
Eq = "string",
Gte = "string",
Lte = "string",
},
},
ProcessPaths = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProcessPathArgs
{
Comparison = "string",
Value = "string",
},
},
ProcessPids = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProcessPidArgs
{
Eq = "string",
Gte = "string",
Lte = "string",
},
},
ProcessTerminatedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProcessTerminatedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersProcessTerminatedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
ProductArns = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProductArnArgs
{
Comparison = "string",
Value = "string",
},
},
ProductFields = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProductFieldArgs
{
Comparison = "string",
Key = "string",
Value = "string",
},
},
ProductNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersProductNameArgs
{
Comparison = "string",
Value = "string",
},
},
RecommendationTexts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersRecommendationTextArgs
{
Comparison = "string",
Value = "string",
},
},
RecordStates = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersRecordStateArgs
{
Comparison = "string",
Value = "string",
},
},
RelatedFindingsIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersRelatedFindingsIdArgs
{
Comparison = "string",
Value = "string",
},
},
RelatedFindingsProductArns = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersRelatedFindingsProductArnArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsEc2InstanceIamInstanceProfileArns = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsEc2InstanceImageIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceImageIdArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsEc2InstanceIpv4Addresses = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceIpv4AddressArgs
{
Cidr = "string",
},
},
ResourceAwsEc2InstanceIpv6Addresses = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceIpv6AddressArgs
{
Cidr = "string",
},
},
ResourceAwsEc2InstanceKeyNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceKeyNameArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsEc2InstanceLaunchedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceLaunchedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
ResourceAwsEc2InstanceSubnetIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceSubnetIdArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsEc2InstanceTypes = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceTypeArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsEc2InstanceVpcIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceVpcIdArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsIamAccessKeyCreatedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsIamAccessKeyCreatedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
ResourceAwsIamAccessKeyStatuses = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsIamAccessKeyStatusArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsIamAccessKeyUserNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsIamAccessKeyUserNameArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsS3BucketOwnerIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsS3BucketOwnerIdArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceAwsS3BucketOwnerNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsS3BucketOwnerNameArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceContainerImageIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerImageIdArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceContainerImageNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerImageNameArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceContainerLaunchedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerLaunchedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerLaunchedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
ResourceContainerNames = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerNameArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceDetailsOthers = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceDetailsOtherArgs
{
Comparison = "string",
Key = "string",
Value = "string",
},
},
ResourceIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceIdArgs
{
Comparison = "string",
Value = "string",
},
},
ResourcePartitions = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourcePartitionArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceRegions = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceRegionArgs
{
Comparison = "string",
Value = "string",
},
},
ResourceTags = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceTagArgs
{
Comparison = "string",
Key = "string",
Value = "string",
},
},
ResourceTypes = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceTypeArgs
{
Comparison = "string",
Value = "string",
},
},
SeverityLabels = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersSeverityLabelArgs
{
Comparison = "string",
Value = "string",
},
},
SourceUrls = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersSourceUrlArgs
{
Comparison = "string",
Value = "string",
},
},
ThreatIntelIndicatorCategories = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorCategoryArgs
{
Comparison = "string",
Value = "string",
},
},
ThreatIntelIndicatorLastObservedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorLastObservedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorLastObservedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
ThreatIntelIndicatorSourceUrls = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorSourceUrlArgs
{
Comparison = "string",
Value = "string",
},
},
ThreatIntelIndicatorSources = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorSourceArgs
{
Comparison = "string",
Value = "string",
},
},
ThreatIntelIndicatorTypes = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorTypeArgs
{
Comparison = "string",
Value = "string",
},
},
ThreatIntelIndicatorValues = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorValueArgs
{
Comparison = "string",
Value = "string",
},
},
Titles = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersTitleArgs
{
Comparison = "string",
Value = "string",
},
},
Types = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersTypeArgs
{
Comparison = "string",
Value = "string",
},
},
UpdatedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersUpdatedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersUpdatedAtDateRangeArgs
{
Unit = "string",
Value = 0,
},
End = "string",
Start = "string",
},
},
UserDefinedValues = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersUserDefinedValueArgs
{
Comparison = "string",
Key = "string",
Value = "string",
},
},
VerificationStates = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersVerificationStateArgs
{
Comparison = "string",
Value = "string",
},
},
WorkflowStatuses = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersWorkflowStatusArgs
{
Comparison = "string",
Value = "string",
},
},
},
GroupByAttribute = "string",
Name = "string",
});
example, err := securityhub.NewInsight(ctx, "insightResource", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
AwsAccountIds: securityhub.InsightFiltersAwsAccountIdArray{
&securityhub.InsightFiltersAwsAccountIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
CompanyNames: securityhub.InsightFiltersCompanyNameArray{
&securityhub.InsightFiltersCompanyNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ComplianceStatuses: securityhub.InsightFiltersComplianceStatusArray{
&securityhub.InsightFiltersComplianceStatusArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Confidences: securityhub.InsightFiltersConfidenceArray{
&securityhub.InsightFiltersConfidenceArgs{
Eq: pulumi.String("string"),
Gte: pulumi.String("string"),
Lte: pulumi.String("string"),
},
},
CreatedAts: securityhub.InsightFiltersCreatedAtArray{
&securityhub.InsightFiltersCreatedAtArgs{
DateRange: &securityhub.InsightFiltersCreatedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
Criticalities: securityhub.InsightFiltersCriticalityArray{
&securityhub.InsightFiltersCriticalityArgs{
Eq: pulumi.String("string"),
Gte: pulumi.String("string"),
Lte: pulumi.String("string"),
},
},
Descriptions: securityhub.InsightFiltersDescriptionArray{
&securityhub.InsightFiltersDescriptionArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
FindingProviderFieldsConfidences: securityhub.InsightFiltersFindingProviderFieldsConfidenceArray{
&securityhub.InsightFiltersFindingProviderFieldsConfidenceArgs{
Eq: pulumi.String("string"),
Gte: pulumi.String("string"),
Lte: pulumi.String("string"),
},
},
FindingProviderFieldsCriticalities: securityhub.InsightFiltersFindingProviderFieldsCriticalityArray{
&securityhub.InsightFiltersFindingProviderFieldsCriticalityArgs{
Eq: pulumi.String("string"),
Gte: pulumi.String("string"),
Lte: pulumi.String("string"),
},
},
FindingProviderFieldsRelatedFindingsIds: securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsIdArray{
&securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
FindingProviderFieldsRelatedFindingsProductArns: securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArray{
&securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
FindingProviderFieldsSeverityLabels: securityhub.InsightFiltersFindingProviderFieldsSeverityLabelArray{
&securityhub.InsightFiltersFindingProviderFieldsSeverityLabelArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
FindingProviderFieldsSeverityOriginals: securityhub.InsightFiltersFindingProviderFieldsSeverityOriginalArray{
&securityhub.InsightFiltersFindingProviderFieldsSeverityOriginalArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
FindingProviderFieldsTypes: securityhub.InsightFiltersFindingProviderFieldsTypeArray{
&securityhub.InsightFiltersFindingProviderFieldsTypeArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
FirstObservedAts: securityhub.InsightFiltersFirstObservedAtArray{
&securityhub.InsightFiltersFirstObservedAtArgs{
DateRange: &securityhub.InsightFiltersFirstObservedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
GeneratorIds: securityhub.InsightFiltersGeneratorIdArray{
&securityhub.InsightFiltersGeneratorIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Ids: securityhub.InsightFiltersIdArray{
&securityhub.InsightFiltersIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Keywords: securityhub.InsightFiltersKeywordArray{
&securityhub.InsightFiltersKeywordArgs{
Value: pulumi.String("string"),
},
},
LastObservedAts: securityhub.InsightFiltersLastObservedAtArray{
&securityhub.InsightFiltersLastObservedAtArgs{
DateRange: &securityhub.InsightFiltersLastObservedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
MalwareNames: securityhub.InsightFiltersMalwareNameArray{
&securityhub.InsightFiltersMalwareNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
MalwarePaths: securityhub.InsightFiltersMalwarePathArray{
&securityhub.InsightFiltersMalwarePathArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
MalwareStates: securityhub.InsightFiltersMalwareStateArray{
&securityhub.InsightFiltersMalwareStateArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
MalwareTypes: securityhub.InsightFiltersMalwareTypeArray{
&securityhub.InsightFiltersMalwareTypeArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
NetworkDestinationDomains: securityhub.InsightFiltersNetworkDestinationDomainArray{
&securityhub.InsightFiltersNetworkDestinationDomainArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
NetworkDestinationIpv4s: securityhub.InsightFiltersNetworkDestinationIpv4Array{
&securityhub.InsightFiltersNetworkDestinationIpv4Args{
Cidr: pulumi.String("string"),
},
},
NetworkDestinationIpv6s: securityhub.InsightFiltersNetworkDestinationIpv6Array{
&securityhub.InsightFiltersNetworkDestinationIpv6Args{
Cidr: pulumi.String("string"),
},
},
NetworkDestinationPorts: securityhub.InsightFiltersNetworkDestinationPortArray{
&securityhub.InsightFiltersNetworkDestinationPortArgs{
Eq: pulumi.String("string"),
Gte: pulumi.String("string"),
Lte: pulumi.String("string"),
},
},
NetworkDirections: securityhub.InsightFiltersNetworkDirectionArray{
&securityhub.InsightFiltersNetworkDirectionArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
NetworkProtocols: securityhub.InsightFiltersNetworkProtocolArray{
&securityhub.InsightFiltersNetworkProtocolArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
NetworkSourceDomains: securityhub.InsightFiltersNetworkSourceDomainArray{
&securityhub.InsightFiltersNetworkSourceDomainArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
NetworkSourceIpv4s: securityhub.InsightFiltersNetworkSourceIpv4Array{
&securityhub.InsightFiltersNetworkSourceIpv4Args{
Cidr: pulumi.String("string"),
},
},
NetworkSourceIpv6s: securityhub.InsightFiltersNetworkSourceIpv6Array{
&securityhub.InsightFiltersNetworkSourceIpv6Args{
Cidr: pulumi.String("string"),
},
},
NetworkSourceMacs: securityhub.InsightFiltersNetworkSourceMacArray{
&securityhub.InsightFiltersNetworkSourceMacArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
NetworkSourcePorts: securityhub.InsightFiltersNetworkSourcePortArray{
&securityhub.InsightFiltersNetworkSourcePortArgs{
Eq: pulumi.String("string"),
Gte: pulumi.String("string"),
Lte: pulumi.String("string"),
},
},
NoteTexts: securityhub.InsightFiltersNoteTextArray{
&securityhub.InsightFiltersNoteTextArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
NoteUpdatedAts: securityhub.InsightFiltersNoteUpdatedAtArray{
&securityhub.InsightFiltersNoteUpdatedAtArgs{
DateRange: &securityhub.InsightFiltersNoteUpdatedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
NoteUpdatedBies: securityhub.InsightFiltersNoteUpdatedByArray{
&securityhub.InsightFiltersNoteUpdatedByArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ProcessLaunchedAts: securityhub.InsightFiltersProcessLaunchedAtArray{
&securityhub.InsightFiltersProcessLaunchedAtArgs{
DateRange: &securityhub.InsightFiltersProcessLaunchedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
ProcessNames: securityhub.InsightFiltersProcessNameArray{
&securityhub.InsightFiltersProcessNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ProcessParentPids: securityhub.InsightFiltersProcessParentPidArray{
&securityhub.InsightFiltersProcessParentPidArgs{
Eq: pulumi.String("string"),
Gte: pulumi.String("string"),
Lte: pulumi.String("string"),
},
},
ProcessPaths: securityhub.InsightFiltersProcessPathArray{
&securityhub.InsightFiltersProcessPathArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ProcessPids: securityhub.InsightFiltersProcessPidArray{
&securityhub.InsightFiltersProcessPidArgs{
Eq: pulumi.String("string"),
Gte: pulumi.String("string"),
Lte: pulumi.String("string"),
},
},
ProcessTerminatedAts: securityhub.InsightFiltersProcessTerminatedAtArray{
&securityhub.InsightFiltersProcessTerminatedAtArgs{
DateRange: &securityhub.InsightFiltersProcessTerminatedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
ProductArns: securityhub.InsightFiltersProductArnArray{
&securityhub.InsightFiltersProductArnArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ProductFields: securityhub.InsightFiltersProductFieldArray{
&securityhub.InsightFiltersProductFieldArgs{
Comparison: pulumi.String("string"),
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ProductNames: securityhub.InsightFiltersProductNameArray{
&securityhub.InsightFiltersProductNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
RecommendationTexts: securityhub.InsightFiltersRecommendationTextArray{
&securityhub.InsightFiltersRecommendationTextArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
RecordStates: securityhub.InsightFiltersRecordStateArray{
&securityhub.InsightFiltersRecordStateArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
RelatedFindingsIds: securityhub.InsightFiltersRelatedFindingsIdArray{
&securityhub.InsightFiltersRelatedFindingsIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
RelatedFindingsProductArns: securityhub.InsightFiltersRelatedFindingsProductArnArray{
&securityhub.InsightFiltersRelatedFindingsProductArnArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceIamInstanceProfileArns: securityhub.InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceImageIds: securityhub.InsightFiltersResourceAwsEc2InstanceImageIdArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceImageIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceIpv4Addresses: securityhub.InsightFiltersResourceAwsEc2InstanceIpv4AddressArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceIpv4AddressArgs{
Cidr: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceIpv6Addresses: securityhub.InsightFiltersResourceAwsEc2InstanceIpv6AddressArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceIpv6AddressArgs{
Cidr: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceKeyNames: securityhub.InsightFiltersResourceAwsEc2InstanceKeyNameArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceKeyNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceLaunchedAts: securityhub.InsightFiltersResourceAwsEc2InstanceLaunchedAtArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceLaunchedAtArgs{
DateRange: &securityhub.InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceSubnetIds: securityhub.InsightFiltersResourceAwsEc2InstanceSubnetIdArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceSubnetIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceTypes: securityhub.InsightFiltersResourceAwsEc2InstanceTypeArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceTypeArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsEc2InstanceVpcIds: securityhub.InsightFiltersResourceAwsEc2InstanceVpcIdArray{
&securityhub.InsightFiltersResourceAwsEc2InstanceVpcIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsIamAccessKeyCreatedAts: securityhub.InsightFiltersResourceAwsIamAccessKeyCreatedAtArray{
&securityhub.InsightFiltersResourceAwsIamAccessKeyCreatedAtArgs{
DateRange: &securityhub.InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
ResourceAwsIamAccessKeyStatuses: securityhub.InsightFiltersResourceAwsIamAccessKeyStatusArray{
&securityhub.InsightFiltersResourceAwsIamAccessKeyStatusArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsIamAccessKeyUserNames: securityhub.InsightFiltersResourceAwsIamAccessKeyUserNameArray{
&securityhub.InsightFiltersResourceAwsIamAccessKeyUserNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsS3BucketOwnerIds: securityhub.InsightFiltersResourceAwsS3BucketOwnerIdArray{
&securityhub.InsightFiltersResourceAwsS3BucketOwnerIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceAwsS3BucketOwnerNames: securityhub.InsightFiltersResourceAwsS3BucketOwnerNameArray{
&securityhub.InsightFiltersResourceAwsS3BucketOwnerNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceContainerImageIds: securityhub.InsightFiltersResourceContainerImageIdArray{
&securityhub.InsightFiltersResourceContainerImageIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceContainerImageNames: securityhub.InsightFiltersResourceContainerImageNameArray{
&securityhub.InsightFiltersResourceContainerImageNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceContainerLaunchedAts: securityhub.InsightFiltersResourceContainerLaunchedAtArray{
&securityhub.InsightFiltersResourceContainerLaunchedAtArgs{
DateRange: &securityhub.InsightFiltersResourceContainerLaunchedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
ResourceContainerNames: securityhub.InsightFiltersResourceContainerNameArray{
&securityhub.InsightFiltersResourceContainerNameArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceDetailsOthers: securityhub.InsightFiltersResourceDetailsOtherArray{
&securityhub.InsightFiltersResourceDetailsOtherArgs{
Comparison: pulumi.String("string"),
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceIds: securityhub.InsightFiltersResourceIdArray{
&securityhub.InsightFiltersResourceIdArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourcePartitions: securityhub.InsightFiltersResourcePartitionArray{
&securityhub.InsightFiltersResourcePartitionArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceRegions: securityhub.InsightFiltersResourceRegionArray{
&securityhub.InsightFiltersResourceRegionArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceTags: securityhub.InsightFiltersResourceTagArray{
&securityhub.InsightFiltersResourceTagArgs{
Comparison: pulumi.String("string"),
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ResourceTypes: securityhub.InsightFiltersResourceTypeArray{
&securityhub.InsightFiltersResourceTypeArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
SeverityLabels: securityhub.InsightFiltersSeverityLabelArray{
&securityhub.InsightFiltersSeverityLabelArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
SourceUrls: securityhub.InsightFiltersSourceUrlArray{
&securityhub.InsightFiltersSourceUrlArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ThreatIntelIndicatorCategories: securityhub.InsightFiltersThreatIntelIndicatorCategoryArray{
&securityhub.InsightFiltersThreatIntelIndicatorCategoryArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ThreatIntelIndicatorLastObservedAts: securityhub.InsightFiltersThreatIntelIndicatorLastObservedAtArray{
&securityhub.InsightFiltersThreatIntelIndicatorLastObservedAtArgs{
DateRange: &securityhub.InsightFiltersThreatIntelIndicatorLastObservedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
ThreatIntelIndicatorSourceUrls: securityhub.InsightFiltersThreatIntelIndicatorSourceUrlArray{
&securityhub.InsightFiltersThreatIntelIndicatorSourceUrlArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ThreatIntelIndicatorSources: securityhub.InsightFiltersThreatIntelIndicatorSourceArray{
&securityhub.InsightFiltersThreatIntelIndicatorSourceArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ThreatIntelIndicatorTypes: securityhub.InsightFiltersThreatIntelIndicatorTypeArray{
&securityhub.InsightFiltersThreatIntelIndicatorTypeArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ThreatIntelIndicatorValues: securityhub.InsightFiltersThreatIntelIndicatorValueArray{
&securityhub.InsightFiltersThreatIntelIndicatorValueArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Titles: securityhub.InsightFiltersTitleArray{
&securityhub.InsightFiltersTitleArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Types: securityhub.InsightFiltersTypeArray{
&securityhub.InsightFiltersTypeArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
UpdatedAts: securityhub.InsightFiltersUpdatedAtArray{
&securityhub.InsightFiltersUpdatedAtArgs{
DateRange: &securityhub.InsightFiltersUpdatedAtDateRangeArgs{
Unit: pulumi.String("string"),
Value: pulumi.Int(0),
},
End: pulumi.String("string"),
Start: pulumi.String("string"),
},
},
UserDefinedValues: securityhub.InsightFiltersUserDefinedValueArray{
&securityhub.InsightFiltersUserDefinedValueArgs{
Comparison: pulumi.String("string"),
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
VerificationStates: securityhub.InsightFiltersVerificationStateArray{
&securityhub.InsightFiltersVerificationStateArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
WorkflowStatuses: securityhub.InsightFiltersWorkflowStatusArray{
&securityhub.InsightFiltersWorkflowStatusArgs{
Comparison: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
},
GroupByAttribute: pulumi.String("string"),
Name: pulumi.String("string"),
})
var insightResource = new Insight("insightResource", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.awsAccountIds(InsightFiltersAwsAccountIdArgs.builder()
.comparison("string")
.value("string")
.build())
.companyNames(InsightFiltersCompanyNameArgs.builder()
.comparison("string")
.value("string")
.build())
.complianceStatuses(InsightFiltersComplianceStatusArgs.builder()
.comparison("string")
.value("string")
.build())
.confidences(InsightFiltersConfidenceArgs.builder()
.eq("string")
.gte("string")
.lte("string")
.build())
.createdAts(InsightFiltersCreatedAtArgs.builder()
.dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.criticalities(InsightFiltersCriticalityArgs.builder()
.eq("string")
.gte("string")
.lte("string")
.build())
.descriptions(InsightFiltersDescriptionArgs.builder()
.comparison("string")
.value("string")
.build())
.findingProviderFieldsConfidences(InsightFiltersFindingProviderFieldsConfidenceArgs.builder()
.eq("string")
.gte("string")
.lte("string")
.build())
.findingProviderFieldsCriticalities(InsightFiltersFindingProviderFieldsCriticalityArgs.builder()
.eq("string")
.gte("string")
.lte("string")
.build())
.findingProviderFieldsRelatedFindingsIds(InsightFiltersFindingProviderFieldsRelatedFindingsIdArgs.builder()
.comparison("string")
.value("string")
.build())
.findingProviderFieldsRelatedFindingsProductArns(InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArgs.builder()
.comparison("string")
.value("string")
.build())
.findingProviderFieldsSeverityLabels(InsightFiltersFindingProviderFieldsSeverityLabelArgs.builder()
.comparison("string")
.value("string")
.build())
.findingProviderFieldsSeverityOriginals(InsightFiltersFindingProviderFieldsSeverityOriginalArgs.builder()
.comparison("string")
.value("string")
.build())
.findingProviderFieldsTypes(InsightFiltersFindingProviderFieldsTypeArgs.builder()
.comparison("string")
.value("string")
.build())
.firstObservedAts(InsightFiltersFirstObservedAtArgs.builder()
.dateRange(InsightFiltersFirstObservedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.generatorIds(InsightFiltersGeneratorIdArgs.builder()
.comparison("string")
.value("string")
.build())
.ids(InsightFiltersIdArgs.builder()
.comparison("string")
.value("string")
.build())
.keywords(InsightFiltersKeywordArgs.builder()
.value("string")
.build())
.lastObservedAts(InsightFiltersLastObservedAtArgs.builder()
.dateRange(InsightFiltersLastObservedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.malwareNames(InsightFiltersMalwareNameArgs.builder()
.comparison("string")
.value("string")
.build())
.malwarePaths(InsightFiltersMalwarePathArgs.builder()
.comparison("string")
.value("string")
.build())
.malwareStates(InsightFiltersMalwareStateArgs.builder()
.comparison("string")
.value("string")
.build())
.malwareTypes(InsightFiltersMalwareTypeArgs.builder()
.comparison("string")
.value("string")
.build())
.networkDestinationDomains(InsightFiltersNetworkDestinationDomainArgs.builder()
.comparison("string")
.value("string")
.build())
.networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()
.cidr("string")
.build())
.networkDestinationIpv6s(InsightFiltersNetworkDestinationIpv6Args.builder()
.cidr("string")
.build())
.networkDestinationPorts(InsightFiltersNetworkDestinationPortArgs.builder()
.eq("string")
.gte("string")
.lte("string")
.build())
.networkDirections(InsightFiltersNetworkDirectionArgs.builder()
.comparison("string")
.value("string")
.build())
.networkProtocols(InsightFiltersNetworkProtocolArgs.builder()
.comparison("string")
.value("string")
.build())
.networkSourceDomains(InsightFiltersNetworkSourceDomainArgs.builder()
.comparison("string")
.value("string")
.build())
.networkSourceIpv4s(InsightFiltersNetworkSourceIpv4Args.builder()
.cidr("string")
.build())
.networkSourceIpv6s(InsightFiltersNetworkSourceIpv6Args.builder()
.cidr("string")
.build())
.networkSourceMacs(InsightFiltersNetworkSourceMacArgs.builder()
.comparison("string")
.value("string")
.build())
.networkSourcePorts(InsightFiltersNetworkSourcePortArgs.builder()
.eq("string")
.gte("string")
.lte("string")
.build())
.noteTexts(InsightFiltersNoteTextArgs.builder()
.comparison("string")
.value("string")
.build())
.noteUpdatedAts(InsightFiltersNoteUpdatedAtArgs.builder()
.dateRange(InsightFiltersNoteUpdatedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.noteUpdatedBies(InsightFiltersNoteUpdatedByArgs.builder()
.comparison("string")
.value("string")
.build())
.processLaunchedAts(InsightFiltersProcessLaunchedAtArgs.builder()
.dateRange(InsightFiltersProcessLaunchedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.processNames(InsightFiltersProcessNameArgs.builder()
.comparison("string")
.value("string")
.build())
.processParentPids(InsightFiltersProcessParentPidArgs.builder()
.eq("string")
.gte("string")
.lte("string")
.build())
.processPaths(InsightFiltersProcessPathArgs.builder()
.comparison("string")
.value("string")
.build())
.processPids(InsightFiltersProcessPidArgs.builder()
.eq("string")
.gte("string")
.lte("string")
.build())
.processTerminatedAts(InsightFiltersProcessTerminatedAtArgs.builder()
.dateRange(InsightFiltersProcessTerminatedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.productArns(InsightFiltersProductArnArgs.builder()
.comparison("string")
.value("string")
.build())
.productFields(InsightFiltersProductFieldArgs.builder()
.comparison("string")
.key("string")
.value("string")
.build())
.productNames(InsightFiltersProductNameArgs.builder()
.comparison("string")
.value("string")
.build())
.recommendationTexts(InsightFiltersRecommendationTextArgs.builder()
.comparison("string")
.value("string")
.build())
.recordStates(InsightFiltersRecordStateArgs.builder()
.comparison("string")
.value("string")
.build())
.relatedFindingsIds(InsightFiltersRelatedFindingsIdArgs.builder()
.comparison("string")
.value("string")
.build())
.relatedFindingsProductArns(InsightFiltersRelatedFindingsProductArnArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsEc2InstanceIamInstanceProfileArns(InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsEc2InstanceImageIds(InsightFiltersResourceAwsEc2InstanceImageIdArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsEc2InstanceIpv4Addresses(InsightFiltersResourceAwsEc2InstanceIpv4AddressArgs.builder()
.cidr("string")
.build())
.resourceAwsEc2InstanceIpv6Addresses(InsightFiltersResourceAwsEc2InstanceIpv6AddressArgs.builder()
.cidr("string")
.build())
.resourceAwsEc2InstanceKeyNames(InsightFiltersResourceAwsEc2InstanceKeyNameArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsEc2InstanceLaunchedAts(InsightFiltersResourceAwsEc2InstanceLaunchedAtArgs.builder()
.dateRange(InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.resourceAwsEc2InstanceSubnetIds(InsightFiltersResourceAwsEc2InstanceSubnetIdArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsEc2InstanceTypes(InsightFiltersResourceAwsEc2InstanceTypeArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsEc2InstanceVpcIds(InsightFiltersResourceAwsEc2InstanceVpcIdArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsIamAccessKeyCreatedAts(InsightFiltersResourceAwsIamAccessKeyCreatedAtArgs.builder()
.dateRange(InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.resourceAwsIamAccessKeyStatuses(InsightFiltersResourceAwsIamAccessKeyStatusArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsIamAccessKeyUserNames(InsightFiltersResourceAwsIamAccessKeyUserNameArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsS3BucketOwnerIds(InsightFiltersResourceAwsS3BucketOwnerIdArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceAwsS3BucketOwnerNames(InsightFiltersResourceAwsS3BucketOwnerNameArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceContainerImageIds(InsightFiltersResourceContainerImageIdArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceContainerImageNames(InsightFiltersResourceContainerImageNameArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceContainerLaunchedAts(InsightFiltersResourceContainerLaunchedAtArgs.builder()
.dateRange(InsightFiltersResourceContainerLaunchedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.resourceContainerNames(InsightFiltersResourceContainerNameArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceDetailsOthers(InsightFiltersResourceDetailsOtherArgs.builder()
.comparison("string")
.key("string")
.value("string")
.build())
.resourceIds(InsightFiltersResourceIdArgs.builder()
.comparison("string")
.value("string")
.build())
.resourcePartitions(InsightFiltersResourcePartitionArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceRegions(InsightFiltersResourceRegionArgs.builder()
.comparison("string")
.value("string")
.build())
.resourceTags(InsightFiltersResourceTagArgs.builder()
.comparison("string")
.key("string")
.value("string")
.build())
.resourceTypes(InsightFiltersResourceTypeArgs.builder()
.comparison("string")
.value("string")
.build())
.severityLabels(InsightFiltersSeverityLabelArgs.builder()
.comparison("string")
.value("string")
.build())
.sourceUrls(InsightFiltersSourceUrlArgs.builder()
.comparison("string")
.value("string")
.build())
.threatIntelIndicatorCategories(InsightFiltersThreatIntelIndicatorCategoryArgs.builder()
.comparison("string")
.value("string")
.build())
.threatIntelIndicatorLastObservedAts(InsightFiltersThreatIntelIndicatorLastObservedAtArgs.builder()
.dateRange(InsightFiltersThreatIntelIndicatorLastObservedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.threatIntelIndicatorSourceUrls(InsightFiltersThreatIntelIndicatorSourceUrlArgs.builder()
.comparison("string")
.value("string")
.build())
.threatIntelIndicatorSources(InsightFiltersThreatIntelIndicatorSourceArgs.builder()
.comparison("string")
.value("string")
.build())
.threatIntelIndicatorTypes(InsightFiltersThreatIntelIndicatorTypeArgs.builder()
.comparison("string")
.value("string")
.build())
.threatIntelIndicatorValues(InsightFiltersThreatIntelIndicatorValueArgs.builder()
.comparison("string")
.value("string")
.build())
.titles(InsightFiltersTitleArgs.builder()
.comparison("string")
.value("string")
.build())
.types(InsightFiltersTypeArgs.builder()
.comparison("string")
.value("string")
.build())
.updatedAts(InsightFiltersUpdatedAtArgs.builder()
.dateRange(InsightFiltersUpdatedAtDateRangeArgs.builder()
.unit("string")
.value(0)
.build())
.end("string")
.start("string")
.build())
.userDefinedValues(InsightFiltersUserDefinedValueArgs.builder()
.comparison("string")
.key("string")
.value("string")
.build())
.verificationStates(InsightFiltersVerificationStateArgs.builder()
.comparison("string")
.value("string")
.build())
.workflowStatuses(InsightFiltersWorkflowStatusArgs.builder()
.comparison("string")
.value("string")
.build())
.build())
.groupByAttribute("string")
.name("string")
.build());
insight_resource = aws.securityhub.Insight("insightResource",
filters={
"awsAccountIds": [{
"comparison": "string",
"value": "string",
}],
"companyNames": [{
"comparison": "string",
"value": "string",
}],
"complianceStatuses": [{
"comparison": "string",
"value": "string",
}],
"confidences": [{
"eq": "string",
"gte": "string",
"lte": "string",
}],
"createdAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"criticalities": [{
"eq": "string",
"gte": "string",
"lte": "string",
}],
"descriptions": [{
"comparison": "string",
"value": "string",
}],
"findingProviderFieldsConfidences": [{
"eq": "string",
"gte": "string",
"lte": "string",
}],
"findingProviderFieldsCriticalities": [{
"eq": "string",
"gte": "string",
"lte": "string",
}],
"findingProviderFieldsRelatedFindingsIds": [{
"comparison": "string",
"value": "string",
}],
"findingProviderFieldsRelatedFindingsProductArns": [{
"comparison": "string",
"value": "string",
}],
"findingProviderFieldsSeverityLabels": [{
"comparison": "string",
"value": "string",
}],
"findingProviderFieldsSeverityOriginals": [{
"comparison": "string",
"value": "string",
}],
"findingProviderFieldsTypes": [{
"comparison": "string",
"value": "string",
}],
"firstObservedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"generatorIds": [{
"comparison": "string",
"value": "string",
}],
"ids": [{
"comparison": "string",
"value": "string",
}],
"keywords": [{
"value": "string",
}],
"lastObservedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"malwareNames": [{
"comparison": "string",
"value": "string",
}],
"malwarePaths": [{
"comparison": "string",
"value": "string",
}],
"malwareStates": [{
"comparison": "string",
"value": "string",
}],
"malwareTypes": [{
"comparison": "string",
"value": "string",
}],
"networkDestinationDomains": [{
"comparison": "string",
"value": "string",
}],
"networkDestinationIpv4s": [{
"cidr": "string",
}],
"networkDestinationIpv6s": [{
"cidr": "string",
}],
"networkDestinationPorts": [{
"eq": "string",
"gte": "string",
"lte": "string",
}],
"networkDirections": [{
"comparison": "string",
"value": "string",
}],
"networkProtocols": [{
"comparison": "string",
"value": "string",
}],
"networkSourceDomains": [{
"comparison": "string",
"value": "string",
}],
"networkSourceIpv4s": [{
"cidr": "string",
}],
"networkSourceIpv6s": [{
"cidr": "string",
}],
"networkSourceMacs": [{
"comparison": "string",
"value": "string",
}],
"networkSourcePorts": [{
"eq": "string",
"gte": "string",
"lte": "string",
}],
"noteTexts": [{
"comparison": "string",
"value": "string",
}],
"noteUpdatedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"noteUpdatedBies": [{
"comparison": "string",
"value": "string",
}],
"processLaunchedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"processNames": [{
"comparison": "string",
"value": "string",
}],
"processParentPids": [{
"eq": "string",
"gte": "string",
"lte": "string",
}],
"processPaths": [{
"comparison": "string",
"value": "string",
}],
"processPids": [{
"eq": "string",
"gte": "string",
"lte": "string",
}],
"processTerminatedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"productArns": [{
"comparison": "string",
"value": "string",
}],
"productFields": [{
"comparison": "string",
"key": "string",
"value": "string",
}],
"productNames": [{
"comparison": "string",
"value": "string",
}],
"recommendationTexts": [{
"comparison": "string",
"value": "string",
}],
"recordStates": [{
"comparison": "string",
"value": "string",
}],
"relatedFindingsIds": [{
"comparison": "string",
"value": "string",
}],
"relatedFindingsProductArns": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsEc2InstanceIamInstanceProfileArns": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsEc2InstanceImageIds": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsEc2InstanceIpv4Addresses": [{
"cidr": "string",
}],
"resourceAwsEc2InstanceIpv6Addresses": [{
"cidr": "string",
}],
"resourceAwsEc2InstanceKeyNames": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsEc2InstanceLaunchedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"resourceAwsEc2InstanceSubnetIds": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsEc2InstanceTypes": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsEc2InstanceVpcIds": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsIamAccessKeyCreatedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"resourceAwsIamAccessKeyStatuses": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsIamAccessKeyUserNames": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsS3BucketOwnerIds": [{
"comparison": "string",
"value": "string",
}],
"resourceAwsS3BucketOwnerNames": [{
"comparison": "string",
"value": "string",
}],
"resourceContainerImageIds": [{
"comparison": "string",
"value": "string",
}],
"resourceContainerImageNames": [{
"comparison": "string",
"value": "string",
}],
"resourceContainerLaunchedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"resourceContainerNames": [{
"comparison": "string",
"value": "string",
}],
"resourceDetailsOthers": [{
"comparison": "string",
"key": "string",
"value": "string",
}],
"resourceIds": [{
"comparison": "string",
"value": "string",
}],
"resourcePartitions": [{
"comparison": "string",
"value": "string",
}],
"resourceRegions": [{
"comparison": "string",
"value": "string",
}],
"resourceTags": [{
"comparison": "string",
"key": "string",
"value": "string",
}],
"resourceTypes": [{
"comparison": "string",
"value": "string",
}],
"severityLabels": [{
"comparison": "string",
"value": "string",
}],
"sourceUrls": [{
"comparison": "string",
"value": "string",
}],
"threatIntelIndicatorCategories": [{
"comparison": "string",
"value": "string",
}],
"threatIntelIndicatorLastObservedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"threatIntelIndicatorSourceUrls": [{
"comparison": "string",
"value": "string",
}],
"threatIntelIndicatorSources": [{
"comparison": "string",
"value": "string",
}],
"threatIntelIndicatorTypes": [{
"comparison": "string",
"value": "string",
}],
"threatIntelIndicatorValues": [{
"comparison": "string",
"value": "string",
}],
"titles": [{
"comparison": "string",
"value": "string",
}],
"types": [{
"comparison": "string",
"value": "string",
}],
"updatedAts": [{
"dateRange": {
"unit": "string",
"value": 0,
},
"end": "string",
"start": "string",
}],
"userDefinedValues": [{
"comparison": "string",
"key": "string",
"value": "string",
}],
"verificationStates": [{
"comparison": "string",
"value": "string",
}],
"workflowStatuses": [{
"comparison": "string",
"value": "string",
}],
},
group_by_attribute="string",
name="string")
const insightResource = new aws.securityhub.Insight("insightResource", {
filters: {
awsAccountIds: [{
comparison: "string",
value: "string",
}],
companyNames: [{
comparison: "string",
value: "string",
}],
complianceStatuses: [{
comparison: "string",
value: "string",
}],
confidences: [{
eq: "string",
gte: "string",
lte: "string",
}],
createdAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
criticalities: [{
eq: "string",
gte: "string",
lte: "string",
}],
descriptions: [{
comparison: "string",
value: "string",
}],
findingProviderFieldsConfidences: [{
eq: "string",
gte: "string",
lte: "string",
}],
findingProviderFieldsCriticalities: [{
eq: "string",
gte: "string",
lte: "string",
}],
findingProviderFieldsRelatedFindingsIds: [{
comparison: "string",
value: "string",
}],
findingProviderFieldsRelatedFindingsProductArns: [{
comparison: "string",
value: "string",
}],
findingProviderFieldsSeverityLabels: [{
comparison: "string",
value: "string",
}],
findingProviderFieldsSeverityOriginals: [{
comparison: "string",
value: "string",
}],
findingProviderFieldsTypes: [{
comparison: "string",
value: "string",
}],
firstObservedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
generatorIds: [{
comparison: "string",
value: "string",
}],
ids: [{
comparison: "string",
value: "string",
}],
keywords: [{
value: "string",
}],
lastObservedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
malwareNames: [{
comparison: "string",
value: "string",
}],
malwarePaths: [{
comparison: "string",
value: "string",
}],
malwareStates: [{
comparison: "string",
value: "string",
}],
malwareTypes: [{
comparison: "string",
value: "string",
}],
networkDestinationDomains: [{
comparison: "string",
value: "string",
}],
networkDestinationIpv4s: [{
cidr: "string",
}],
networkDestinationIpv6s: [{
cidr: "string",
}],
networkDestinationPorts: [{
eq: "string",
gte: "string",
lte: "string",
}],
networkDirections: [{
comparison: "string",
value: "string",
}],
networkProtocols: [{
comparison: "string",
value: "string",
}],
networkSourceDomains: [{
comparison: "string",
value: "string",
}],
networkSourceIpv4s: [{
cidr: "string",
}],
networkSourceIpv6s: [{
cidr: "string",
}],
networkSourceMacs: [{
comparison: "string",
value: "string",
}],
networkSourcePorts: [{
eq: "string",
gte: "string",
lte: "string",
}],
noteTexts: [{
comparison: "string",
value: "string",
}],
noteUpdatedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
noteUpdatedBies: [{
comparison: "string",
value: "string",
}],
processLaunchedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
processNames: [{
comparison: "string",
value: "string",
}],
processParentPids: [{
eq: "string",
gte: "string",
lte: "string",
}],
processPaths: [{
comparison: "string",
value: "string",
}],
processPids: [{
eq: "string",
gte: "string",
lte: "string",
}],
processTerminatedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
productArns: [{
comparison: "string",
value: "string",
}],
productFields: [{
comparison: "string",
key: "string",
value: "string",
}],
productNames: [{
comparison: "string",
value: "string",
}],
recommendationTexts: [{
comparison: "string",
value: "string",
}],
recordStates: [{
comparison: "string",
value: "string",
}],
relatedFindingsIds: [{
comparison: "string",
value: "string",
}],
relatedFindingsProductArns: [{
comparison: "string",
value: "string",
}],
resourceAwsEc2InstanceIamInstanceProfileArns: [{
comparison: "string",
value: "string",
}],
resourceAwsEc2InstanceImageIds: [{
comparison: "string",
value: "string",
}],
resourceAwsEc2InstanceIpv4Addresses: [{
cidr: "string",
}],
resourceAwsEc2InstanceIpv6Addresses: [{
cidr: "string",
}],
resourceAwsEc2InstanceKeyNames: [{
comparison: "string",
value: "string",
}],
resourceAwsEc2InstanceLaunchedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
resourceAwsEc2InstanceSubnetIds: [{
comparison: "string",
value: "string",
}],
resourceAwsEc2InstanceTypes: [{
comparison: "string",
value: "string",
}],
resourceAwsEc2InstanceVpcIds: [{
comparison: "string",
value: "string",
}],
resourceAwsIamAccessKeyCreatedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
resourceAwsIamAccessKeyStatuses: [{
comparison: "string",
value: "string",
}],
resourceAwsIamAccessKeyUserNames: [{
comparison: "string",
value: "string",
}],
resourceAwsS3BucketOwnerIds: [{
comparison: "string",
value: "string",
}],
resourceAwsS3BucketOwnerNames: [{
comparison: "string",
value: "string",
}],
resourceContainerImageIds: [{
comparison: "string",
value: "string",
}],
resourceContainerImageNames: [{
comparison: "string",
value: "string",
}],
resourceContainerLaunchedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
resourceContainerNames: [{
comparison: "string",
value: "string",
}],
resourceDetailsOthers: [{
comparison: "string",
key: "string",
value: "string",
}],
resourceIds: [{
comparison: "string",
value: "string",
}],
resourcePartitions: [{
comparison: "string",
value: "string",
}],
resourceRegions: [{
comparison: "string",
value: "string",
}],
resourceTags: [{
comparison: "string",
key: "string",
value: "string",
}],
resourceTypes: [{
comparison: "string",
value: "string",
}],
severityLabels: [{
comparison: "string",
value: "string",
}],
sourceUrls: [{
comparison: "string",
value: "string",
}],
threatIntelIndicatorCategories: [{
comparison: "string",
value: "string",
}],
threatIntelIndicatorLastObservedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
threatIntelIndicatorSourceUrls: [{
comparison: "string",
value: "string",
}],
threatIntelIndicatorSources: [{
comparison: "string",
value: "string",
}],
threatIntelIndicatorTypes: [{
comparison: "string",
value: "string",
}],
threatIntelIndicatorValues: [{
comparison: "string",
value: "string",
}],
titles: [{
comparison: "string",
value: "string",
}],
types: [{
comparison: "string",
value: "string",
}],
updatedAts: [{
dateRange: {
unit: "string",
value: 0,
},
end: "string",
start: "string",
}],
userDefinedValues: [{
comparison: "string",
key: "string",
value: "string",
}],
verificationStates: [{
comparison: "string",
value: "string",
}],
workflowStatuses: [{
comparison: "string",
value: "string",
}],
},
groupByAttribute: "string",
name: "string",
});
type: aws:securityhub:Insight
properties:
filters:
awsAccountIds:
- comparison: string
value: string
companyNames:
- comparison: string
value: string
complianceStatuses:
- comparison: string
value: string
confidences:
- eq: string
gte: string
lte: string
createdAts:
- dateRange:
unit: string
value: 0
end: string
start: string
criticalities:
- eq: string
gte: string
lte: string
descriptions:
- comparison: string
value: string
findingProviderFieldsConfidences:
- eq: string
gte: string
lte: string
findingProviderFieldsCriticalities:
- eq: string
gte: string
lte: string
findingProviderFieldsRelatedFindingsIds:
- comparison: string
value: string
findingProviderFieldsRelatedFindingsProductArns:
- comparison: string
value: string
findingProviderFieldsSeverityLabels:
- comparison: string
value: string
findingProviderFieldsSeverityOriginals:
- comparison: string
value: string
findingProviderFieldsTypes:
- comparison: string
value: string
firstObservedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
generatorIds:
- comparison: string
value: string
ids:
- comparison: string
value: string
keywords:
- value: string
lastObservedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
malwareNames:
- comparison: string
value: string
malwarePaths:
- comparison: string
value: string
malwareStates:
- comparison: string
value: string
malwareTypes:
- comparison: string
value: string
networkDestinationDomains:
- comparison: string
value: string
networkDestinationIpv4s:
- cidr: string
networkDestinationIpv6s:
- cidr: string
networkDestinationPorts:
- eq: string
gte: string
lte: string
networkDirections:
- comparison: string
value: string
networkProtocols:
- comparison: string
value: string
networkSourceDomains:
- comparison: string
value: string
networkSourceIpv4s:
- cidr: string
networkSourceIpv6s:
- cidr: string
networkSourceMacs:
- comparison: string
value: string
networkSourcePorts:
- eq: string
gte: string
lte: string
noteTexts:
- comparison: string
value: string
noteUpdatedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
noteUpdatedBies:
- comparison: string
value: string
processLaunchedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
processNames:
- comparison: string
value: string
processParentPids:
- eq: string
gte: string
lte: string
processPaths:
- comparison: string
value: string
processPids:
- eq: string
gte: string
lte: string
processTerminatedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
productArns:
- comparison: string
value: string
productFields:
- comparison: string
key: string
value: string
productNames:
- comparison: string
value: string
recommendationTexts:
- comparison: string
value: string
recordStates:
- comparison: string
value: string
relatedFindingsIds:
- comparison: string
value: string
relatedFindingsProductArns:
- comparison: string
value: string
resourceAwsEc2InstanceIamInstanceProfileArns:
- comparison: string
value: string
resourceAwsEc2InstanceImageIds:
- comparison: string
value: string
resourceAwsEc2InstanceIpv4Addresses:
- cidr: string
resourceAwsEc2InstanceIpv6Addresses:
- cidr: string
resourceAwsEc2InstanceKeyNames:
- comparison: string
value: string
resourceAwsEc2InstanceLaunchedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
resourceAwsEc2InstanceSubnetIds:
- comparison: string
value: string
resourceAwsEc2InstanceTypes:
- comparison: string
value: string
resourceAwsEc2InstanceVpcIds:
- comparison: string
value: string
resourceAwsIamAccessKeyCreatedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
resourceAwsIamAccessKeyStatuses:
- comparison: string
value: string
resourceAwsIamAccessKeyUserNames:
- comparison: string
value: string
resourceAwsS3BucketOwnerIds:
- comparison: string
value: string
resourceAwsS3BucketOwnerNames:
- comparison: string
value: string
resourceContainerImageIds:
- comparison: string
value: string
resourceContainerImageNames:
- comparison: string
value: string
resourceContainerLaunchedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
resourceContainerNames:
- comparison: string
value: string
resourceDetailsOthers:
- comparison: string
key: string
value: string
resourceIds:
- comparison: string
value: string
resourcePartitions:
- comparison: string
value: string
resourceRegions:
- comparison: string
value: string
resourceTags:
- comparison: string
key: string
value: string
resourceTypes:
- comparison: string
value: string
severityLabels:
- comparison: string
value: string
sourceUrls:
- comparison: string
value: string
threatIntelIndicatorCategories:
- comparison: string
value: string
threatIntelIndicatorLastObservedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
threatIntelIndicatorSourceUrls:
- comparison: string
value: string
threatIntelIndicatorSources:
- comparison: string
value: string
threatIntelIndicatorTypes:
- comparison: string
value: string
threatIntelIndicatorValues:
- comparison: string
value: string
titles:
- comparison: string
value: string
types:
- comparison: string
value: string
updatedAts:
- dateRange:
unit: string
value: 0
end: string
start: string
userDefinedValues:
- comparison: string
key: string
value: string
verificationStates:
- comparison: string
value: string
workflowStatuses:
- comparison: string
value: string
groupByAttribute: string
name: string
Insight Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Insight resource accepts the following input properties:
- Filters
Insight
Filters - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- Group
By stringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - Name string
- The name of the custom insight.
- Filters
Insight
Filters Args - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- Group
By stringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - Name string
- The name of the custom insight.
- filters
Insight
Filters - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By StringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - name String
- The name of the custom insight.
- filters
Insight
Filters - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By stringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - name string
- The name of the custom insight.
- filters
Insight
Filters Args - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group_
by_ strattribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - name str
- The name of the custom insight.
- filters Property Map
- A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By StringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - name String
- The name of the custom insight.
Outputs
All input properties are implicitly available as output properties. Additionally, the Insight resource produces the following output properties:
Look up Existing Insight Resource
Get an existing Insight resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: InsightState, opts?: CustomResourceOptions): Insight
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
filters: Optional[InsightFiltersArgs] = None,
group_by_attribute: Optional[str] = None,
name: Optional[str] = None) -> Insight
func GetInsight(ctx *Context, name string, id IDInput, state *InsightState, opts ...ResourceOption) (*Insight, error)
public static Insight Get(string name, Input<string> id, InsightState? state, CustomResourceOptions? opts = null)
public static Insight get(String name, Output<String> id, InsightState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
- ARN of the insight.
- Filters
Insight
Filters - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- Group
By stringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - Name string
- The name of the custom insight.
- Arn string
- ARN of the insight.
- Filters
Insight
Filters Args - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- Group
By stringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - Name string
- The name of the custom insight.
- arn String
- ARN of the insight.
- filters
Insight
Filters - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By StringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - name String
- The name of the custom insight.
- arn string
- ARN of the insight.
- filters
Insight
Filters - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By stringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - name string
- The name of the custom insight.
- arn str
- ARN of the insight.
- filters
Insight
Filters Args - A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group_
by_ strattribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - name str
- The name of the custom insight.
- arn String
- ARN of the insight.
- filters Property Map
- A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By StringAttribute - The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId
, then the insight produces a list of resource identifiers. - name String
- The name of the custom insight.
Supporting Types
InsightFilters, InsightFiltersArgs
- Aws
Account List<InsightIds Filters Aws Account Id> - AWS account ID that a finding is generated in. See String_Filter below for more details.
- Company
Names List<InsightFilters Company Name> - The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- Compliance
Statuses List<InsightFilters Compliance Status> - Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- Confidences
List<Insight
Filters Confidence> - A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- Created
Ats List<InsightFilters Created At> - An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- Criticalities
List<Insight
Filters Criticality> - The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- Descriptions
List<Insight
Filters Description> - A finding's description. See String Filter below for more details.
- Finding
Provider List<InsightFields Confidences Filters Finding Provider Fields Confidence> - The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- Finding
Provider List<InsightFields Criticalities Filters Finding Provider Fields Criticality> - The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- List<Insight
Filters Finding Provider Fields Related Findings Id> - The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
- List<Insight
Filters Finding Provider Fields Related Findings Product Arn> - The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- Finding
Provider List<InsightFields Severity Labels Filters Finding Provider Fields Severity Label> - The finding provider value for the severity label. See String Filter below for more details.
- Finding
Provider List<InsightFields Severity Originals Filters Finding Provider Fields Severity Original> - The finding provider's original value for the severity. See String Filter below for more details.
- Finding
Provider List<InsightFields Types Filters Finding Provider Fields Type> - One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifier
that classify a finding. Valid namespace values include:Software and Configuration Checks
,TTPs
,Effects
,Unusual Behaviors
, andSensitive Data Identifications
. See String Filter below for more details. - First
Observed List<InsightAts Filters First Observed At> - An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- Generator
Ids List<InsightFilters Generator Id> - The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- Ids
List<Insight
Filters Id> - The security findings provider-specific identifier for a finding. See String Filter below for more details.
- Keywords
List<Insight
Filters Keyword> - A keyword for a finding. See Keyword Filter below for more details.
- Last
Observed List<InsightAts Filters Last Observed At> - An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- Malware
Names List<InsightFilters Malware Name> - The name of the malware that was observed. See String Filter below for more details.
- Malware
Paths List<InsightFilters Malware Path> - The filesystem path of the malware that was observed. See String Filter below for more details.
- Malware
States List<InsightFilters Malware State> - The state of the malware that was observed. See String Filter below for more details.
- Malware
Types List<InsightFilters Malware Type> - The type of the malware that was observed. See String Filter below for more details.
- Network
Destination List<InsightDomains Filters Network Destination Domain> - The destination domain of network-related information about a finding. See String Filter below for more details.
- Network
Destination List<InsightIpv4s Filters Network Destination Ipv4> - The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Destination List<InsightIpv6s Filters Network Destination Ipv6> - The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Destination List<InsightPorts Filters Network Destination Port> - The destination port of network-related information about a finding. See Number Filter below for more details.
- Network
Directions List<InsightFilters Network Direction> - Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- Network
Protocols List<InsightFilters Network Protocol> - The protocol of network-related information about a finding. See String Filter below for more details.
- Network
Source List<InsightDomains Filters Network Source Domain> - The source domain of network-related information about a finding. See String Filter below for more details.
- Network
Source List<InsightIpv4s Filters Network Source Ipv4> - The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Source List<InsightIpv6s Filters Network Source Ipv6> - The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Source List<InsightMacs Filters Network Source Mac> - The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- Network
Source List<InsightPorts Filters Network Source Port> - The source port of network-related information about a finding. See Number Filter below for more details.
- Note
Texts List<InsightFilters Note Text> - The text of a note. See String Filter below for more details.
- Note
Updated List<InsightAts Filters Note Updated At> - The timestamp of when the note was updated. See Date Filter below for more details.
- Note
Updated List<InsightBies Filters Note Updated By> - The principal that created a note. See String Filter below for more details.
- Process
Launched List<InsightAts Filters Process Launched At> - The date/time that the process was launched. See Date Filter below for more details.
- Process
Names List<InsightFilters Process Name> - The name of the process. See String Filter below for more details.
- Process
Parent List<InsightPids Filters Process Parent Pid> - The parent process ID. See Number Filter below for more details.
- Process
Paths List<InsightFilters Process Path> - The path to the process executable. See String Filter below for more details.
- Process
Pids List<InsightFilters Process Pid> - The process ID. See Number Filter below for more details.
- Process
Terminated List<InsightAts Filters Process Terminated At> - The date/time that the process was terminated. See Date Filter below for more details.
- Product
Arns List<InsightFilters Product Arn> - The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- Product
Fields List<InsightFilters Product Field> - A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFinding
format. See Map Filter below for more details. - Product
Names List<InsightFilters Product Name> - The name of the solution (product) that generates findings. See String Filter below for more details.
- Recommendation
Texts List<InsightFilters Recommendation Text> - The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- Record
States List<InsightFilters Record State> - The updated record state for the finding. See String Filter below for more details.
- List<Insight
Filters Related Findings Id> - The solution-generated identifier for a related finding. See String Filter below for more details.
- List<Insight
Filters Related Findings Product Arn> - The ARN of the solution that generated a related finding. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Iam Instance Profile Arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn> - The IAM profile ARN of the instance. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Image Ids Filters Resource Aws Ec2Instance Image Id> - The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Ipv4Addresses Filters Resource Aws Ec2Instance Ipv4Address> - The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- Resource
Aws List<InsightEc2Instance Ipv6Addresses Filters Resource Aws Ec2Instance Ipv6Address> - The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- Resource
Aws List<InsightEc2Instance Key Names Filters Resource Aws Ec2Instance Key Name> - The key name associated with the instance. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Launched Ats Filters Resource Aws Ec2Instance Launched At> - The date and time the instance was launched. See Date Filter below for more details.
- Resource
Aws List<InsightEc2Instance Subnet Ids Filters Resource Aws Ec2Instance Subnet Id> - The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Types Filters Resource Aws Ec2Instance Type> - The instance type of the instance. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Vpc Ids Filters Resource Aws Ec2Instance Vpc Id> - The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- Resource
Aws List<InsightIam Access Key Created Ats Filters Resource Aws Iam Access Key Created At> - The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- Resource
Aws List<InsightIam Access Key Statuses Filters Resource Aws Iam Access Key Status> - The status of the IAM access key related to a finding. See String Filter below for more details.
- Resource
Aws List<InsightIam Access Key User Names Filters Resource Aws Iam Access Key User Name> - The user associated with the IAM access key related to a finding. See String Filter below for more details.
- Resource
Aws List<InsightS3Bucket Owner Ids Filters Resource Aws S3Bucket Owner Id> - The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- Resource
Aws List<InsightS3Bucket Owner Names Filters Resource Aws S3Bucket Owner Name> - The display name of the owner of the S3 bucket. See String Filter below for more details.
- Resource
Container List<InsightImage Ids Filters Resource Container Image Id> - The identifier of the image related to a finding. See String Filter below for more details.
- Resource
Container List<InsightImage Names Filters Resource Container Image Name> - The name of the image related to a finding. See String Filter below for more details.
- Resource
Container List<InsightLaunched Ats Filters Resource Container Launched At> - The date/time that the container was started. See Date Filter below for more details.
- Resource
Container List<InsightNames Filters Resource Container Name> - The name of the container related to a finding. See String Filter below for more details.
- Resource
Details List<InsightOthers Filters Resource Details Other> - The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- Resource
Ids List<InsightFilters Resource Id> - The canonical identifier for the given resource type. See String Filter below for more details.
- Resource
Partitions List<InsightFilters Resource Partition> - The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- Resource
Regions List<InsightFilters Resource Region> - The canonical AWS external Region name where this resource is located. See String Filter below for more details.
- List<Insight
Filters Resource Tag> - A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- Resource
Types List<InsightFilters Resource Type> - Specifies the type of the resource that details are provided for. See String Filter below for more details.
- Severity
Labels List<InsightFilters Severity Label> - The label of a finding's severity. See String Filter below for more details.
- Source
Urls List<InsightFilters Source Url> - A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Categories Filters Threat Intel Indicator Category> - The category of a threat intelligence indicator. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Last Observed Ats Filters Threat Intel Indicator Last Observed At> - The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- Threat
Intel List<InsightIndicator Source Urls Filters Threat Intel Indicator Source Url> - The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Sources Filters Threat Intel Indicator Source> - The source of the threat intelligence. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Types Filters Threat Intel Indicator Type> - The type of a threat intelligence indicator. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Values Filters Threat Intel Indicator Value> - The value of a threat intelligence indicator. See String Filter below for more details.
- Titles
List<Insight
Filters Title> - A finding's title. See String Filter below for more details.
- Types
List<Insight
Filters Type> - A finding type in the format of
namespace/category/classifier
that classifies a finding. See String Filter below for more details. - Updated
Ats List<InsightFilters Updated At> - An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- User
Defined List<InsightValues Filters User Defined Value> - A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- Verification
States List<InsightFilters Verification State> - The veracity of a finding. See String Filter below for more details.
- Workflow
Statuses List<InsightFilters Workflow Status> - The status of the investigation into a finding. See Workflow Status Filter below for more details.
- Aws
Account []InsightIds Filters Aws Account Id - AWS account ID that a finding is generated in. See String_Filter below for more details.
- Company
Names []InsightFilters Company Name - The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- Compliance
Statuses []InsightFilters Compliance Status - Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- Confidences
[]Insight
Filters Confidence - A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- Created
Ats []InsightFilters Created At - An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- Criticalities
[]Insight
Filters Criticality - The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- Descriptions
[]Insight
Filters Description - A finding's description. See String Filter below for more details.
- Finding
Provider []InsightFields Confidences Filters Finding Provider Fields Confidence - The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- Finding
Provider []InsightFields Criticalities Filters Finding Provider Fields Criticality - The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- []Insight
Filters Finding Provider Fields Related Findings Id - The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
- []Insight
Filters Finding Provider Fields Related Findings Product Arn - The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- Finding
Provider []InsightFields Severity Labels Filters Finding Provider Fields Severity Label - The finding provider value for the severity label. See String Filter below for more details.
- Finding
Provider []InsightFields Severity Originals Filters Finding Provider Fields Severity Original - The finding provider's original value for the severity. See String Filter below for more details.
- Finding
Provider []InsightFields Types Filters Finding Provider Fields Type - One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifier
that classify a finding. Valid namespace values include:Software and Configuration Checks
,TTPs
,Effects
,Unusual Behaviors
, andSensitive Data Identifications
. See String Filter below for more details. - First
Observed []InsightAts Filters First Observed At - An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- Generator
Ids []InsightFilters Generator Id - The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- Ids
[]Insight
Filters Id - The security findings provider-specific identifier for a finding. See String Filter below for more details.
- Keywords
[]Insight
Filters Keyword - A keyword for a finding. See Keyword Filter below for more details.
- Last
Observed []InsightAts Filters Last Observed At - An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- Malware
Names []InsightFilters Malware Name - The name of the malware that was observed. See String Filter below for more details.
- Malware
Paths []InsightFilters Malware Path - The filesystem path of the malware that was observed. See String Filter below for more details.
- Malware
States []InsightFilters Malware State - The state of the malware that was observed. See String Filter below for more details.
- Malware
Types []InsightFilters Malware Type - The type of the malware that was observed. See String Filter below for more details.
- Network
Destination []InsightDomains Filters Network Destination Domain - The destination domain of network-related information about a finding. See String Filter below for more details.
- Network
Destination []InsightIpv4s Filters Network Destination Ipv4 - The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Destination []InsightIpv6s Filters Network Destination Ipv6 - The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Destination []InsightPorts Filters Network Destination Port - The destination port of network-related information about a finding. See Number Filter below for more details.
- Network
Directions []InsightFilters Network Direction - Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- Network
Protocols []InsightFilters Network Protocol - The protocol of network-related information about a finding. See String Filter below for more details.
- Network
Source []InsightDomains Filters Network Source Domain - The source domain of network-related information about a finding. See String Filter below for more details.
- Network
Source []InsightIpv4s Filters Network Source Ipv4 - The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Source []InsightIpv6s Filters Network Source Ipv6 - The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Source []InsightMacs Filters Network Source Mac - The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- Network
Source []InsightPorts Filters Network Source Port - The source port of network-related information about a finding. See Number Filter below for more details.
- Note
Texts []InsightFilters Note Text - The text of a note. See String Filter below for more details.
- Note
Updated []InsightAts Filters Note Updated At - The timestamp of when the note was updated. See Date Filter below for more details.
- Note
Updated []InsightBies Filters Note Updated By - The principal that created a note. See String Filter below for more details.
- Process
Launched []InsightAts Filters Process Launched At - The date/time that the process was launched. See Date Filter below for more details.
- Process
Names []InsightFilters Process Name - The name of the process. See String Filter below for more details.
- Process
Parent []InsightPids Filters Process Parent Pid - The parent process ID. See Number Filter below for more details.
- Process
Paths []InsightFilters Process Path - The path to the process executable. See String Filter below for more details.
- Process
Pids []InsightFilters Process Pid - The process ID. See Number Filter below for more details.
- Process
Terminated []InsightAts Filters Process Terminated At - The date/time that the process was terminated. See Date Filter below for more details.
- Product
Arns []InsightFilters Product Arn - The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- Product
Fields []InsightFilters Product Field - A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFinding
format. See Map Filter below for more details. - Product
Names []InsightFilters Product Name - The name of the solution (product) that generates findings. See String Filter below for more details.
- Recommendation
Texts []InsightFilters Recommendation Text - The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- Record
States []InsightFilters Record State - The updated record state for the finding. See String Filter below for more details.
- []Insight
Filters Related Findings Id - The solution-generated identifier for a related finding. See String Filter below for more details.
- []Insight
Filters Related Findings Product Arn - The ARN of the solution that generated a related finding. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Iam Instance Profile Arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn - The IAM profile ARN of the instance. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Image Ids Filters Resource Aws Ec2Instance Image Id - The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Ipv4Addresses Filters Resource Aws Ec2Instance Ipv4Address - The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- Resource
Aws []InsightEc2Instance Ipv6Addresses Filters Resource Aws Ec2Instance Ipv6Address - The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- Resource
Aws []InsightEc2Instance Key Names Filters Resource Aws Ec2Instance Key Name - The key name associated with the instance. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Launched Ats Filters Resource Aws Ec2Instance Launched At - The date and time the instance was launched. See Date Filter below for more details.
- Resource
Aws []InsightEc2Instance Subnet Ids Filters Resource Aws Ec2Instance Subnet Id - The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Types Filters Resource Aws Ec2Instance Type - The instance type of the instance. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Vpc Ids Filters Resource Aws Ec2Instance Vpc Id - The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- Resource
Aws []InsightIam Access Key Created Ats Filters Resource Aws Iam Access Key Created At - The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- Resource
Aws []InsightIam Access Key Statuses Filters Resource Aws Iam Access Key Status - The status of the IAM access key related to a finding. See String Filter below for more details.
- Resource
Aws []InsightIam Access Key User Names Filters Resource Aws Iam Access Key User Name - The user associated with the IAM access key related to a finding. See String Filter below for more details.
- Resource
Aws []InsightS3Bucket Owner Ids Filters Resource Aws S3Bucket Owner Id - The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- Resource
Aws []InsightS3Bucket Owner Names Filters Resource Aws S3Bucket Owner Name - The display name of the owner of the S3 bucket. See String Filter below for more details.
- Resource
Container []InsightImage Ids Filters Resource Container Image Id - The identifier of the image related to a finding. See String Filter below for more details.
- Resource
Container []InsightImage Names Filters Resource Container Image Name - The name of the image related to a finding. See String Filter below for more details.
- Resource
Container []InsightLaunched Ats Filters Resource Container Launched At - The date/time that the container was started. See Date Filter below for more details.
- Resource
Container []InsightNames Filters Resource Container Name - The name of the container related to a finding. See String Filter below for more details.
- Resource
Details []InsightOthers Filters Resource Details Other - The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- Resource
Ids []InsightFilters Resource Id - The canonical identifier for the given resource type. See String Filter below for more details.
- Resource
Partitions []InsightFilters Resource Partition - The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- Resource
Regions []InsightFilters Resource Region - The canonical AWS external Region name where this resource is located. See String Filter below for more details.
- []Insight
Filters Resource Tag - A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- Resource
Types []InsightFilters Resource Type - Specifies the type of the resource that details are provided for. See String Filter below for more details.
- Severity
Labels []InsightFilters Severity Label - The label of a finding's severity. See String Filter below for more details.
- Source
Urls []InsightFilters Source Url - A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- Threat
Intel []InsightIndicator Categories Filters Threat Intel Indicator Category - The category of a threat intelligence indicator. See String Filter below for more details.
- Threat
Intel []InsightIndicator Last Observed Ats Filters Threat Intel Indicator Last Observed At - The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- Threat
Intel []InsightIndicator Source Urls Filters Threat Intel Indicator Source Url - The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- Threat
Intel []InsightIndicator Sources Filters Threat Intel Indicator Source - The source of the threat intelligence. See String Filter below for more details.
- Threat
Intel []InsightIndicator Types Filters Threat Intel Indicator Type - The type of a threat intelligence indicator. See String Filter below for more details.
- Threat
Intel []InsightIndicator Values Filters Threat Intel Indicator Value - The value of a threat intelligence indicator. See String Filter below for more details.
- Titles
[]Insight
Filters Title - A finding's title. See String Filter below for more details.
- Types
[]Insight
Filters Type - A finding type in the format of
namespace/category/classifier
that classifies a finding. See String Filter below for more details. - Updated
Ats []InsightFilters Updated At - An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- User
Defined []InsightValues Filters User Defined Value - A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- Verification
States []InsightFilters Verification State - The veracity of a finding. See String Filter below for more details.
- Workflow
Statuses []InsightFilters Workflow Status - The status of the investigation into a finding. See Workflow Status Filter below for more details.
- aws
Account List<InsightIds Filters Aws Account Id> - AWS account ID that a finding is generated in. See String_Filter below for more details.
- company
Names List<InsightFilters Company Name> - The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- compliance
Statuses List<InsightFilters Compliance Status> - Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- confidences
List<Insight
Filters Confidence> - A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- created
Ats List<InsightFilters Created At> - An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- criticalities
List<Insight
Filters Criticality> - The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- descriptions
List<Insight
Filters Description> - A finding's description. See String Filter below for more details.
- finding
Provider List<InsightFields Confidences Filters Finding Provider Fields Confidence> - The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- finding
Provider List<InsightFields Criticalities Filters Finding Provider Fields Criticality> - The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- List<Insight
Filters Finding Provider Fields Related Findings Id> - The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
- List<Insight
Filters Finding Provider Fields Related Findings Product Arn> - The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- finding
Provider List<InsightFields Severity Labels Filters Finding Provider Fields Severity Label> - The finding provider value for the severity label. See String Filter below for more details.
- finding
Provider List<InsightFields Severity Originals Filters Finding Provider Fields Severity Original> - The finding provider's original value for the severity. See String Filter below for more details.
- finding
Provider List<InsightFields Types Filters Finding Provider Fields Type> - One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifier
that classify a finding. Valid namespace values include:Software and Configuration Checks
,TTPs
,Effects
,Unusual Behaviors
, andSensitive Data Identifications
. See String Filter below for more details. - first
Observed List<InsightAts Filters First Observed At> - An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- generator
Ids List<InsightFilters Generator Id> - The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- ids
List<Insight
Filters Id> - The security findings provider-specific identifier for a finding. See String Filter below for more details.
- keywords
List<Insight
Filters Keyword> - A keyword for a finding. See Keyword Filter below for more details.
- last
Observed List<InsightAts Filters Last Observed At> - An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- malware
Names List<InsightFilters Malware Name> - The name of the malware that was observed. See String Filter below for more details.
- malware
Paths List<InsightFilters Malware Path> - The filesystem path of the malware that was observed. See String Filter below for more details.
- malware
States List<InsightFilters Malware State> - The state of the malware that was observed. See String Filter below for more details.
- malware
Types List<InsightFilters Malware Type> - The type of the malware that was observed. See String Filter below for more details.
- network
Destination List<InsightDomains Filters Network Destination Domain> - The destination domain of network-related information about a finding. See String Filter below for more details.
- network
Destination List<InsightIpv4s Filters Network Destination Ipv4> - The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination List<InsightIpv6s Filters Network Destination Ipv6> - The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination List<InsightPorts Filters Network Destination Port> - The destination port of network-related information about a finding. See Number Filter below for more details.
- network
Directions List<InsightFilters Network Direction> - Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- network
Protocols List<InsightFilters Network Protocol> - The protocol of network-related information about a finding. See String Filter below for more details.
- network
Source List<InsightDomains Filters Network Source Domain> - The source domain of network-related information about a finding. See String Filter below for more details.
- network
Source List<InsightIpv4s Filters Network Source Ipv4> - The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source List<InsightIpv6s Filters Network Source Ipv6> - The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source List<InsightMacs Filters Network Source Mac> - The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- network
Source List<InsightPorts Filters Network Source Port> - The source port of network-related information about a finding. See Number Filter below for more details.
- note
Texts List<InsightFilters Note Text> - The text of a note. See String Filter below for more details.
- note
Updated List<InsightAts Filters Note Updated At> - The timestamp of when the note was updated. See Date Filter below for more details.
- note
Updated List<InsightBies Filters Note Updated By> - The principal that created a note. See String Filter below for more details.
- process
Launched List<InsightAts Filters Process Launched At> - The date/time that the process was launched. See Date Filter below for more details.
- process
Names List<InsightFilters Process Name> - The name of the process. See String Filter below for more details.
- process
Parent List<InsightPids Filters Process Parent Pid> - The parent process ID. See Number Filter below for more details.
- process
Paths List<InsightFilters Process Path> - The path to the process executable. See String Filter below for more details.
- process
Pids List<InsightFilters Process Pid> - The process ID. See Number Filter below for more details.
- process
Terminated List<InsightAts Filters Process Terminated At> - The date/time that the process was terminated. See Date Filter below for more details.
- product
Arns List<InsightFilters Product Arn> - The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- product
Fields List<InsightFilters Product Field> - A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFinding
format. See Map Filter below for more details. - product
Names List<InsightFilters Product Name> - The name of the solution (product) that generates findings. See String Filter below for more details.
- recommendation
Texts List<InsightFilters Recommendation Text> - The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- record
States List<InsightFilters Record State> - The updated record state for the finding. See String Filter below for more details.
- List<Insight
Filters Related Findings Id> - The solution-generated identifier for a related finding. See String Filter below for more details.
- List<Insight
Filters Related Findings Product Arn> - The ARN of the solution that generated a related finding. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Iam Instance Profile Arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn> - The IAM profile ARN of the instance. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Image Ids Filters Resource Aws Ec2Instance Image Id> - The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Ipv4Addresses Filters Resource Aws Ec2Instance Ipv4Address> - The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws List<InsightEc2Instance Ipv6Addresses Filters Resource Aws Ec2Instance Ipv6Address> - The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws List<InsightEc2Instance Key Names Filters Resource Aws Ec2Instance Key Name> - The key name associated with the instance. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Launched Ats Filters Resource Aws Ec2Instance Launched At> - The date and time the instance was launched. See Date Filter below for more details.
- resource
Aws List<InsightEc2Instance Subnet Ids Filters Resource Aws Ec2Instance Subnet Id> - The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Types Filters Resource Aws Ec2Instance Type> - The instance type of the instance. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Vpc Ids Filters Resource Aws Ec2Instance Vpc Id> - The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- resource
Aws List<InsightIam Access Key Created Ats Filters Resource Aws Iam Access Key Created At> - The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- resource
Aws List<InsightIam Access Key Statuses Filters Resource Aws Iam Access Key Status> - The status of the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws List<InsightIam Access Key User Names Filters Resource Aws Iam Access Key User Name> - The user associated with the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws List<InsightS3Bucket Owner Ids Filters Resource Aws S3Bucket Owner Id> - The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- resource
Aws List<InsightS3Bucket Owner Names Filters Resource Aws S3Bucket Owner Name> - The display name of the owner of the S3 bucket. See String Filter below for more details.
- resource
Container List<InsightImage Ids Filters Resource Container Image Id> - The identifier of the image related to a finding. See String Filter below for more details.
- resource
Container List<InsightImage Names Filters Resource Container Image Name> - The name of the image related to a finding. See String Filter below for more details.
- resource
Container List<InsightLaunched Ats Filters Resource Container Launched At> - The date/time that the container was started. See Date Filter below for more details.
- resource
Container List<InsightNames Filters Resource Container Name> - The name of the container related to a finding. See String Filter below for more details.
- resource
Details List<InsightOthers Filters Resource Details Other> - The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- resource
Ids List<InsightFilters Resource Id> - The canonical identifier for the given resource type. See String Filter below for more details.
- resource
Partitions List<InsightFilters Resource Partition> - The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- resource
Regions List<InsightFilters Resource Region> - The canonical AWS external Region name where this resource is located. See String Filter below for more details.
- List<Insight
Filters Resource Tag> - A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- resource
Types List<InsightFilters Resource Type> - Specifies the type of the resource that details are provided for. See String Filter below for more details.
- severity
Labels List<InsightFilters Severity Label> - The label of a finding's severity. See String Filter below for more details.
- source
Urls List<InsightFilters Source Url> - A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- threat
Intel List<InsightIndicator Categories Filters Threat Intel Indicator Category> - The category of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel List<InsightIndicator Last Observed Ats Filters Threat Intel Indicator Last Observed At> - The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- threat
Intel List<InsightIndicator Source Urls Filters Threat Intel Indicator Source Url> - The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- threat
Intel List<InsightIndicator Sources Filters Threat Intel Indicator Source> - The source of the threat intelligence. See String Filter below for more details.
- threat
Intel List<InsightIndicator Types Filters Threat Intel Indicator Type> - The type of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel List<InsightIndicator Values Filters Threat Intel Indicator Value> - The value of a threat intelligence indicator. See String Filter below for more details.
- titles
List<Insight
Filters Title> - A finding's title. See String Filter below for more details.
- types
List<Insight
Filters Type> - A finding type in the format of
namespace/category/classifier
that classifies a finding. See String Filter below for more details. - updated
Ats List<InsightFilters Updated At> - An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- user
Defined List<InsightValues Filters User Defined Value> - A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- verification
States List<InsightFilters Verification State> - The veracity of a finding. See String Filter below for more details.
- workflow
Statuses List<InsightFilters Workflow Status> - The status of the investigation into a finding. See Workflow Status Filter below for more details.
- aws
Account InsightIds Filters Aws Account Id[] - AWS account ID that a finding is generated in. See String_Filter below for more details.
- company
Names InsightFilters Company Name[] - The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- compliance
Statuses InsightFilters Compliance Status[] - Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- confidences
Insight
Filters Confidence[] - A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- created
Ats InsightFilters Created At[] - An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- criticalities
Insight
Filters Criticality[] - The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- descriptions
Insight
Filters Description[] - A finding's description. See String Filter below for more details.
- finding
Provider InsightFields Confidences Filters Finding Provider Fields Confidence[] - The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- finding
Provider InsightFields Criticalities Filters Finding Provider Fields Criticality[] - The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- Insight
Filters Finding Provider Fields Related Findings Id[] - The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
- Insight
Filters Finding Provider Fields Related Findings Product Arn[] - The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- finding
Provider InsightFields Severity Labels Filters Finding Provider Fields Severity Label[] - The finding provider value for the severity label. See String Filter below for more details.
- finding
Provider InsightFields Severity Originals Filters Finding Provider Fields Severity Original[] - The finding provider's original value for the severity. See String Filter below for more details.
- finding
Provider InsightFields Types Filters Finding Provider Fields Type[] - One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifier
that classify a finding. Valid namespace values include:Software and Configuration Checks
,TTPs
,Effects
,Unusual Behaviors
, andSensitive Data Identifications
. See String Filter below for more details. - first
Observed InsightAts Filters First Observed At[] - An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- generator
Ids InsightFilters Generator Id[] - The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- ids
Insight
Filters Id[] - The security findings provider-specific identifier for a finding. See String Filter below for more details.
- keywords
Insight
Filters Keyword[] - A keyword for a finding. See Keyword Filter below for more details.
- last
Observed InsightAts Filters Last Observed At[] - An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- malware
Names InsightFilters Malware Name[] - The name of the malware that was observed. See String Filter below for more details.
- malware
Paths InsightFilters Malware Path[] - The filesystem path of the malware that was observed. See String Filter below for more details.
- malware
States InsightFilters Malware State[] - The state of the malware that was observed. See String Filter below for more details.
- malware
Types InsightFilters Malware Type[] - The type of the malware that was observed. See String Filter below for more details.
- network
Destination InsightDomains Filters Network Destination Domain[] - The destination domain of network-related information about a finding. See String Filter below for more details.
- network
Destination InsightIpv4s Filters Network Destination Ipv4[] - The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination InsightIpv6s Filters Network Destination Ipv6[] - The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination InsightPorts Filters Network Destination Port[] - The destination port of network-related information about a finding. See Number Filter below for more details.
- network
Directions InsightFilters Network Direction[] - Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- network
Protocols InsightFilters Network Protocol[] - The protocol of network-related information about a finding. See String Filter below for more details.
- network
Source InsightDomains Filters Network Source Domain[] - The source domain of network-related information about a finding. See String Filter below for more details.
- network
Source InsightIpv4s Filters Network Source Ipv4[] - The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source InsightIpv6s Filters Network Source Ipv6[] - The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source InsightMacs Filters Network Source Mac[] - The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- network
Source InsightPorts Filters Network Source Port[] - The source port of network-related information about a finding. See Number Filter below for more details.
- note
Texts InsightFilters Note Text[] - The text of a note. See String Filter below for more details.
- note
Updated InsightAts Filters Note Updated At[] - The timestamp of when the note was updated. See Date Filter below for more details.
- note
Updated InsightBies Filters Note Updated By[] - The principal that created a note. See String Filter below for more details.
- process
Launched InsightAts Filters Process Launched At[] - The date/time that the process was launched. See Date Filter below for more details.
- process
Names InsightFilters Process Name[] - The name of the process. See String Filter below for more details.
- process
Parent InsightPids Filters Process Parent Pid[] - The parent process ID. See Number Filter below for more details.
- process
Paths InsightFilters Process Path[] - The path to the process executable. See String Filter below for more details.
- process
Pids InsightFilters Process Pid[] - The process ID. See Number Filter below for more details.
- process
Terminated InsightAts Filters Process Terminated At[] - The date/time that the process was terminated. See Date Filter below for more details.
- product
Arns InsightFilters Product Arn[] - The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- product
Fields InsightFilters Product Field[] - A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFinding
format. See Map Filter below for more details. - product
Names InsightFilters Product Name[] - The name of the solution (product) that generates findings. See String Filter below for more details.
- recommendation
Texts InsightFilters Recommendation Text[] - The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- record
States InsightFilters Record State[] - The updated record state for the finding. See String Filter below for more details.
- Insight
Filters Related Findings Id[] - The solution-generated identifier for a related finding. See String Filter below for more details.
- Insight
Filters Related Findings Product Arn[] - The ARN of the solution that generated a related finding. See String Filter below for more details.
- resource
Aws InsightEc2Instance Iam Instance Profile Arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn[] - The IAM profile ARN of the instance. See String Filter below for more details.
- resource
Aws InsightEc2Instance Image Ids Filters Resource Aws Ec2Instance Image Id[] - The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- resource
Aws InsightEc2Instance Ipv4Addresses Filters Resource Aws Ec2Instance Ipv4Address[] - The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws InsightEc2Instance Ipv6Addresses Filters Resource Aws Ec2Instance Ipv6Address[] - The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws InsightEc2Instance Key Names Filters Resource Aws Ec2Instance Key Name[] - The key name associated with the instance. See String Filter below for more details.
- resource
Aws InsightEc2Instance Launched Ats Filters Resource Aws Ec2Instance Launched At[] - The date and time the instance was launched. See Date Filter below for more details.
- resource
Aws InsightEc2Instance Subnet Ids Filters Resource Aws Ec2Instance Subnet Id[] - The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- resource
Aws InsightEc2Instance Types Filters Resource Aws Ec2Instance Type[] - The instance type of the instance. See String Filter below for more details.
- resource
Aws InsightEc2Instance Vpc Ids Filters Resource Aws Ec2Instance Vpc Id[] - The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- resource
Aws InsightIam Access Key Created Ats Filters Resource Aws Iam Access Key Created At[] - The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- resource
Aws InsightIam Access Key Statuses Filters Resource Aws Iam Access Key Status[] - The status of the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws InsightIam Access Key User Names Filters Resource Aws Iam Access Key User Name[] - The user associated with the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws InsightS3Bucket Owner Ids Filters Resource Aws S3Bucket Owner Id[] - The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- resource
Aws InsightS3Bucket Owner Names Filters Resource Aws S3Bucket Owner Name[] - The display name of the owner of the S3 bucket. See String Filter below for more details.
- resource
Container InsightImage Ids Filters Resource Container Image Id[] - The identifier of the image related to a finding. See String Filter below for more details.
- resource
Container InsightImage Names Filters Resource Container Image Name[] - The name of the image related to a finding. See String Filter below for more details.
- resource
Container InsightLaunched Ats Filters Resource Container Launched At[] - The date/time that the container was started. See Date Filter below for more details.
- resource
Container InsightNames Filters Resource Container Name[] - The name of the container related to a finding. See String Filter below for more details.
- resource
Details InsightOthers Filters Resource Details Other[] - The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- resource
Ids InsightFilters Resource Id[] - The canonical identifier for the given resource type. See String Filter below for more details.
- resource
Partitions InsightFilters Resource Partition[] - The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- resource
Regions InsightFilters Resource Region[] - The canonical AWS external Region name where this resource is located. See String Filter below for more details.
- Insight
Filters Resource Tag[] - A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- resource
Types InsightFilters Resource Type[] - Specifies the type of the resource that details are provided for. See String Filter below for more details.
- severity
Labels InsightFilters Severity Label[] - The label of a finding's severity. See String Filter below for more details.
- source
Urls InsightFilters Source Url[] - A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- threat
Intel InsightIndicator Categories Filters Threat Intel Indicator Category[] - The category of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel InsightIndicator Last Observed Ats Filters Threat Intel Indicator Last Observed At[] - The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- threat
Intel InsightIndicator Source Urls Filters Threat Intel Indicator Source Url[] - The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- threat
Intel InsightIndicator Sources Filters Threat Intel Indicator Source[] - The source of the threat intelligence. See String Filter below for more details.
- threat
Intel InsightIndicator Types Filters Threat Intel Indicator Type[] - The type of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel InsightIndicator Values Filters Threat Intel Indicator Value[] - The value of a threat intelligence indicator. See String Filter below for more details.
- titles
Insight
Filters Title[] - A finding's title. See String Filter below for more details.
- types
Insight
Filters Type[] - A finding type in the format of
namespace/category/classifier
that classifies a finding. See String Filter below for more details. - updated
Ats InsightFilters Updated At[] - An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- user
Defined InsightValues Filters User Defined Value[] - A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- verification
States InsightFilters Verification State[] - The veracity of a finding. See String Filter below for more details.
- workflow
Statuses InsightFilters Workflow Status[] - The status of the investigation into a finding. See Workflow Status Filter below for more details.
- aws_
account_ Sequence[Insightids Filters Aws Account Id] - AWS account ID that a finding is generated in. See String_Filter below for more details.
- company_
names Sequence[InsightFilters Company Name] - The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- compliance_
statuses Sequence[InsightFilters Compliance Status] - Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- confidences
Sequence[Insight
Filters Confidence] - A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- created_
ats Sequence[InsightFilters Created At] - An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- criticalities
Sequence[Insight
Filters Criticality] - The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- descriptions
Sequence[Insight
Filters Description] - A finding's description. See String Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ confidences Filters Finding Provider Fields Confidence] - The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ criticalities Filters Finding Provider Fields Criticality] - The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- Sequence[Insight
Filters Finding Provider Fields Related Findings Id] - The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
- Sequence[Insight
Filters Finding Provider Fields Related Findings Product Arn] - The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ severity_ labels Filters Finding Provider Fields Severity Label] - The finding provider value for the severity label. See String Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ severity_ originals Filters Finding Provider Fields Severity Original] - The finding provider's original value for the severity. See String Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ types Filters Finding Provider Fields Type] - One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifier
that classify a finding. Valid namespace values include:Software and Configuration Checks
,TTPs
,Effects
,Unusual Behaviors
, andSensitive Data Identifications
. See String Filter below for more details. - first_
observed_ Sequence[Insightats Filters First Observed At] - An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- generator_
ids Sequence[InsightFilters Generator Id] - The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- ids
Sequence[Insight
Filters Id] - The security findings provider-specific identifier for a finding. See String Filter below for more details.
- keywords
Sequence[Insight
Filters Keyword] - A keyword for a finding. See Keyword Filter below for more details.
- last_
observed_ Sequence[Insightats Filters Last Observed At] - An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- malware_
names Sequence[InsightFilters Malware Name] - The name of the malware that was observed. See String Filter below for more details.
- malware_
paths Sequence[InsightFilters Malware Path] - The filesystem path of the malware that was observed. See String Filter below for more details.
- malware_
states Sequence[InsightFilters Malware State] - The state of the malware that was observed. See String Filter below for more details.
- malware_
types Sequence[InsightFilters Malware Type] - The type of the malware that was observed. See String Filter below for more details.
- network_
destination_ Sequence[Insightdomains Filters Network Destination Domain] - The destination domain of network-related information about a finding. See String Filter below for more details.
- network_
destination_ Sequence[Insightipv4s Filters Network Destination Ipv4] - The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network_
destination_ Sequence[Insightipv6s Filters Network Destination Ipv6] - The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network_
destination_ Sequence[Insightports Filters Network Destination Port] - The destination port of network-related information about a finding. See Number Filter below for more details.
- network_
directions Sequence[InsightFilters Network Direction] - Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- network_
protocols Sequence[InsightFilters Network Protocol] - The protocol of network-related information about a finding. See String Filter below for more details.
- network_
source_ Sequence[Insightdomains Filters Network Source Domain] - The source domain of network-related information about a finding. See String Filter below for more details.
- network_
source_ Sequence[Insightipv4s Filters Network Source Ipv4] - The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network_
source_ Sequence[Insightipv6s Filters Network Source Ipv6] - The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network_
source_ Sequence[Insightmacs Filters Network Source Mac] - The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- network_
source_ Sequence[Insightports Filters Network Source Port] - The source port of network-related information about a finding. See Number Filter below for more details.
- note_
texts Sequence[InsightFilters Note Text] - The text of a note. See String Filter below for more details.
- note_
updated_ Sequence[Insightats Filters Note Updated At] - The timestamp of when the note was updated. See Date Filter below for more details.
- note_
updated_ Sequence[Insightbies Filters Note Updated By] - The principal that created a note. See String Filter below for more details.
- process_
launched_ Sequence[Insightats Filters Process Launched At] - The date/time that the process was launched. See Date Filter below for more details.
- process_
names Sequence[InsightFilters Process Name] - The name of the process. See String Filter below for more details.
- process_
parent_ Sequence[Insightpids Filters Process Parent Pid] - The parent process ID. See Number Filter below for more details.
- process_
paths Sequence[InsightFilters Process Path] - The path to the process executable. See String Filter below for more details.
- process_
pids Sequence[InsightFilters Process Pid] - The process ID. See Number Filter below for more details.
- process_
terminated_ Sequence[Insightats Filters Process Terminated At] - The date/time that the process was terminated. See Date Filter below for more details.
- product_
arns Sequence[InsightFilters Product Arn] - The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- product_
fields Sequence[InsightFilters Product Field] - A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFinding
format. See Map Filter below for more details. - product_
names Sequence[InsightFilters Product Name] - The name of the solution (product) that generates findings. See String Filter below for more details.
- recommendation_
texts Sequence[InsightFilters Recommendation Text] - The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- record_
states Sequence[InsightFilters Record State] - The updated record state for the finding. See String Filter below for more details.
- Sequence[Insight
Filters Related Findings Id] - The solution-generated identifier for a related finding. See String Filter below for more details.
- Sequence[Insight
Filters Related Findings Product Arn] - The ARN of the solution that generated a related finding. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ iam_ instance_ profile_ arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn] - The IAM profile ARN of the instance. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ image_ ids Filters Resource Aws Ec2Instance Image Id] - The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ ipv4_ addresses Filters Resource Aws Ec2Instance Ipv4Address] - The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ ipv6_ addresses Filters Resource Aws Ec2Instance Ipv6Address] - The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ key_ names Filters Resource Aws Ec2Instance Key Name] - The key name associated with the instance. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ launched_ ats Filters Resource Aws Ec2Instance Launched At] - The date and time the instance was launched. See Date Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ subnet_ ids Filters Resource Aws Ec2Instance Subnet Id] - The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ types Filters Resource Aws Ec2Instance Type] - The instance type of the instance. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ vpc_ ids Filters Resource Aws Ec2Instance Vpc Id] - The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- resource_
aws_ Sequence[Insightiam_ access_ key_ created_ ats Filters Resource Aws Iam Access Key Created At] - The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- resource_
aws_ Sequence[Insightiam_ access_ key_ statuses Filters Resource Aws Iam Access Key Status] - The status of the IAM access key related to a finding. See String Filter below for more details.
- resource_
aws_ Sequence[Insightiam_ access_ key_ user_ names Filters Resource Aws Iam Access Key User Name] - The user associated with the IAM access key related to a finding. See String Filter below for more details.
- resource_
aws_ Sequence[Insights3_ bucket_ owner_ ids Filters Resource Aws S3Bucket Owner Id] - The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- resource_
aws_ Sequence[Insights3_ bucket_ owner_ names Filters Resource Aws S3Bucket Owner Name] - The display name of the owner of the S3 bucket. See String Filter below for more details.
- resource_
container_ Sequence[Insightimage_ ids Filters Resource Container Image Id] - The identifier of the image related to a finding. See String Filter below for more details.
- resource_
container_ Sequence[Insightimage_ names Filters Resource Container Image Name] - The name of the image related to a finding. See String Filter below for more details.
- resource_
container_ Sequence[Insightlaunched_ ats Filters Resource Container Launched At] - The date/time that the container was started. See Date Filter below for more details.
- resource_
container_ Sequence[Insightnames Filters Resource Container Name] - The name of the container related to a finding. See String Filter below for more details.
- resource_
details_ Sequence[Insightothers Filters Resource Details Other] - The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- resource_
ids Sequence[InsightFilters Resource Id] - The canonical identifier for the given resource type. See String Filter below for more details.
- resource_
partitions Sequence[InsightFilters Resource Partition] - The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- resource_
regions Sequence[InsightFilters Resource Region] - The canonical AWS external Region name where this resource is located. See String Filter below for more details.
- Sequence[Insight
Filters Resource Tag] - A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- resource_
types Sequence[InsightFilters Resource Type] - Specifies the type of the resource that details are provided for. See String Filter below for more details.
- severity_
labels Sequence[InsightFilters Severity Label] - The label of a finding's severity. See String Filter below for more details.
- source_
urls Sequence[InsightFilters Source Url] - A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ categories Filters Threat Intel Indicator Category] - The category of a threat intelligence indicator. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ last_ observed_ ats Filters Threat Intel Indicator Last Observed At] - The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ source_ urls Filters Threat Intel Indicator Source Url] - The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ sources Filters Threat Intel Indicator Source] - The source of the threat intelligence. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ types Filters Threat Intel Indicator Type] - The type of a threat intelligence indicator. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ values Filters Threat Intel Indicator Value] - The value of a threat intelligence indicator. See String Filter below for more details.
- titles
Sequence[Insight
Filters Title] - A finding's title. See String Filter below for more details.
- types
Sequence[Insight
Filters Type] - A finding type in the format of
namespace/category/classifier
that classifies a finding. See String Filter below for more details. - updated_
ats Sequence[InsightFilters Updated At] - An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- user_
defined_ Sequence[Insightvalues Filters User Defined Value] - A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- verification_
states Sequence[InsightFilters Verification State] - The veracity of a finding. See String Filter below for more details.
- workflow_
statuses Sequence[InsightFilters Workflow Status] - The status of the investigation into a finding. See Workflow Status Filter below for more details.
- aws
Account List<Property Map>Ids - AWS account ID that a finding is generated in. See String_Filter below for more details.
- company
Names List<Property Map> - The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- compliance
Statuses List<Property Map> - Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- confidences List<Property Map>
- A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- created
Ats List<Property Map> - An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- criticalities List<Property Map>
- The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- descriptions List<Property Map>
- A finding's description. See String Filter below for more details.
- finding
Provider List<Property Map>Fields Confidences - The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- finding
Provider List<Property Map>Fields Criticalities - The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- List<Property Map>
- The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
- List<Property Map>
- The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- finding
Provider List<Property Map>Fields Severity Labels - The finding provider value for the severity label. See String Filter below for more details.
- finding
Provider List<Property Map>Fields Severity Originals - The finding provider's original value for the severity. See String Filter below for more details.
- finding
Provider List<Property Map>Fields Types - One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifier
that classify a finding. Valid namespace values include:Software and Configuration Checks
,TTPs
,Effects
,Unusual Behaviors
, andSensitive Data Identifications
. See String Filter below for more details. - first
Observed List<Property Map>Ats - An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- generator
Ids List<Property Map> - The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- ids List<Property Map>
- The security findings provider-specific identifier for a finding. See String Filter below for more details.
- keywords List<Property Map>
- A keyword for a finding. See Keyword Filter below for more details.
- last
Observed List<Property Map>Ats - An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- malware
Names List<Property Map> - The name of the malware that was observed. See String Filter below for more details.
- malware
Paths List<Property Map> - The filesystem path of the malware that was observed. See String Filter below for more details.
- malware
States List<Property Map> - The state of the malware that was observed. See String Filter below for more details.
- malware
Types List<Property Map> - The type of the malware that was observed. See String Filter below for more details.
- network
Destination List<Property Map>Domains - The destination domain of network-related information about a finding. See String Filter below for more details.
- network
Destination List<Property Map>Ipv4s - The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination List<Property Map>Ipv6s - The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination List<Property Map>Ports - The destination port of network-related information about a finding. See Number Filter below for more details.
- network
Directions List<Property Map> - Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- network
Protocols List<Property Map> - The protocol of network-related information about a finding. See String Filter below for more details.
- network
Source List<Property Map>Domains - The source domain of network-related information about a finding. See String Filter below for more details.
- network
Source List<Property Map>Ipv4s - The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source List<Property Map>Ipv6s - The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source List<Property Map>Macs - The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- network
Source List<Property Map>Ports - The source port of network-related information about a finding. See Number Filter below for more details.
- note
Texts List<Property Map> - The text of a note. See String Filter below for more details.
- note
Updated List<Property Map>Ats - The timestamp of when the note was updated. See Date Filter below for more details.
- note
Updated List<Property Map>Bies - The principal that created a note. See String Filter below for more details.
- process
Launched List<Property Map>Ats - The date/time that the process was launched. See Date Filter below for more details.
- process
Names List<Property Map> - The name of the process. See String Filter below for more details.
- process
Parent List<Property Map>Pids - The parent process ID. See Number Filter below for more details.
- process
Paths List<Property Map> - The path to the process executable. See String Filter below for more details.
- process
Pids List<Property Map> - The process ID. See Number Filter below for more details.
- process
Terminated List<Property Map>Ats - The date/time that the process was terminated. See Date Filter below for more details.
- product
Arns List<Property Map> - The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- product
Fields List<Property Map> - A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFinding
format. See Map Filter below for more details. - product
Names List<Property Map> - The name of the solution (product) that generates findings. See String Filter below for more details.
- recommendation
Texts List<Property Map> - The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- record
States List<Property Map> - The updated record state for the finding. See String Filter below for more details.
- List<Property Map>
- The solution-generated identifier for a related finding. See String Filter below for more details.
- List<Property Map>
- The ARN of the solution that generated a related finding. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Iam Instance Profile Arns - The IAM profile ARN of the instance. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Image Ids - The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Ipv4Addresses - The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Ipv6Addresses - The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Key Names - The key name associated with the instance. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Launched Ats - The date and time the instance was launched. See Date Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Subnet Ids - The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Types - The instance type of the instance. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Vpc Ids - The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- resource
Aws List<Property Map>Iam Access Key Created Ats - The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- resource
Aws List<Property Map>Iam Access Key Statuses - The status of the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws List<Property Map>Iam Access Key User Names - The user associated with the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws List<Property Map>S3Bucket Owner Ids - The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- resource
Aws List<Property Map>S3Bucket Owner Names - The display name of the owner of the S3 bucket. See String Filter below for more details.
- resource
Container List<Property Map>Image Ids - The identifier of the image related to a finding. See String Filter below for more details.
- resource
Container List<Property Map>Image Names - The name of the image related to a finding. See String Filter below for more details.
- resource
Container List<Property Map>Launched Ats - The date/time that the container was started. See Date Filter below for more details.
- resource
Container List<Property Map>Names - The name of the container related to a finding. See String Filter below for more details.
- resource
Details List<Property Map>Others - The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- resource
Ids List<Property Map> - The canonical identifier for the given resource type. See String Filter below for more details.
- resource
Partitions List<Property Map> - The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- resource
Regions List<Property Map> - The canonical AWS external Region name where this resource is located. See String Filter below for more details.
- List<Property Map>
- A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- resource
Types List<Property Map> - Specifies the type of the resource that details are provided for. See String Filter below for more details.
- severity
Labels List<Property Map> - The label of a finding's severity. See String Filter below for more details.
- source
Urls List<Property Map> - A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Categories - The category of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Last Observed Ats - The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- threat
Intel List<Property Map>Indicator Source Urls - The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Sources - The source of the threat intelligence. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Types - The type of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Values - The value of a threat intelligence indicator. See String Filter below for more details.
- titles List<Property Map>
- A finding's title. See String Filter below for more details.
- types List<Property Map>
- A finding type in the format of
namespace/category/classifier
that classifies a finding. See String Filter below for more details. - updated
Ats List<Property Map> - An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- user
Defined List<Property Map>Values - A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- verification
States List<Property Map> - The veracity of a finding. See String Filter below for more details.
- workflow
Statuses List<Property Map> - The status of the investigation into a finding. See Workflow Status Filter below for more details.
InsightFiltersAwsAccountId, InsightFiltersAwsAccountIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersCompanyName, InsightFiltersCompanyNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersComplianceStatus, InsightFiltersComplianceStatusArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersConfidence, InsightFiltersConfidenceArgs
InsightFiltersCreatedAt, InsightFiltersCreatedAtArgs
- Date
Range InsightFilters Created At Date Range - End string
- Start string
- Date
Range InsightFilters Created At Date Range - End string
- Start string
- date
Range InsightFilters Created At Date Range - end String
- start String
- date
Range InsightFilters Created At Date Range - end string
- start string
- date
Range Property Map - end String
- start String
InsightFiltersCreatedAtDateRange, InsightFiltersCreatedAtDateRangeArgs
InsightFiltersCriticality, InsightFiltersCriticalityArgs
InsightFiltersDescription, InsightFiltersDescriptionArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersFindingProviderFieldsConfidence, InsightFiltersFindingProviderFieldsConfidenceArgs
InsightFiltersFindingProviderFieldsCriticality, InsightFiltersFindingProviderFieldsCriticalityArgs
InsightFiltersFindingProviderFieldsRelatedFindingsId, InsightFiltersFindingProviderFieldsRelatedFindingsIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersFindingProviderFieldsRelatedFindingsProductArn, InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersFindingProviderFieldsSeverityLabel, InsightFiltersFindingProviderFieldsSeverityLabelArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersFindingProviderFieldsSeverityOriginal, InsightFiltersFindingProviderFieldsSeverityOriginalArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersFindingProviderFieldsType, InsightFiltersFindingProviderFieldsTypeArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersFirstObservedAt, InsightFiltersFirstObservedAtArgs
- Date
Range InsightFilters First Observed At Date Range - End string
- Start string
- Date
Range InsightFilters First Observed At Date Range - End string
- Start string
- date
Range InsightFilters First Observed At Date Range - end String
- start String
- date
Range InsightFilters First Observed At Date Range - end string
- start string
- date
Range Property Map - end String
- start String
InsightFiltersFirstObservedAtDateRange, InsightFiltersFirstObservedAtDateRangeArgs
InsightFiltersGeneratorId, InsightFiltersGeneratorIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersId, InsightFiltersIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersKeyword, InsightFiltersKeywordArgs
- Value string
- A value for the keyword.
- Value string
- A value for the keyword.
- value String
- A value for the keyword.
- value string
- A value for the keyword.
- value str
- A value for the keyword.
- value String
- A value for the keyword.
InsightFiltersLastObservedAt, InsightFiltersLastObservedAtArgs
- Date
Range InsightFilters Last Observed At Date Range - End string
- Start string
- Date
Range InsightFilters Last Observed At Date Range - End string
- Start string
- date
Range InsightFilters Last Observed At Date Range - end String
- start String
- date
Range InsightFilters Last Observed At Date Range - end string
- start string
- date
Range Property Map - end String
- start String
InsightFiltersLastObservedAtDateRange, InsightFiltersLastObservedAtDateRangeArgs
InsightFiltersMalwareName, InsightFiltersMalwareNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersMalwarePath, InsightFiltersMalwarePathArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersMalwareState, InsightFiltersMalwareStateArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersMalwareType, InsightFiltersMalwareTypeArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersNetworkDestinationDomain, InsightFiltersNetworkDestinationDomainArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersNetworkDestinationIpv4, InsightFiltersNetworkDestinationIpv4Args
- Cidr string
- Cidr string
- cidr String
- cidr string
- cidr str
- cidr String
InsightFiltersNetworkDestinationIpv6, InsightFiltersNetworkDestinationIpv6Args
- Cidr string
- Cidr string
- cidr String
- cidr string
- cidr str
- cidr String
InsightFiltersNetworkDestinationPort, InsightFiltersNetworkDestinationPortArgs
InsightFiltersNetworkDirection, InsightFiltersNetworkDirectionArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersNetworkProtocol, InsightFiltersNetworkProtocolArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersNetworkSourceDomain, InsightFiltersNetworkSourceDomainArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersNetworkSourceIpv4, InsightFiltersNetworkSourceIpv4Args
- Cidr string
- Cidr string
- cidr String
- cidr string
- cidr str
- cidr String
InsightFiltersNetworkSourceIpv6, InsightFiltersNetworkSourceIpv6Args
- Cidr string
- Cidr string
- cidr String
- cidr string
- cidr str
- cidr String
InsightFiltersNetworkSourceMac, InsightFiltersNetworkSourceMacArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersNetworkSourcePort, InsightFiltersNetworkSourcePortArgs
InsightFiltersNoteText, InsightFiltersNoteTextArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersNoteUpdatedAt, InsightFiltersNoteUpdatedAtArgs
- Date
Range InsightFilters Note Updated At Date Range - End string
- Start string
- Date
Range InsightFilters Note Updated At Date Range - End string
- Start string
- date
Range InsightFilters Note Updated At Date Range - end String
- start String
- date
Range InsightFilters Note Updated At Date Range - end string
- start string
- date
Range Property Map - end String
- start String
InsightFiltersNoteUpdatedAtDateRange, InsightFiltersNoteUpdatedAtDateRangeArgs
InsightFiltersNoteUpdatedBy, InsightFiltersNoteUpdatedByArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersProcessLaunchedAt, InsightFiltersProcessLaunchedAtArgs
- Date
Range InsightFilters Process Launched At Date Range - End string
- Start string
- Date
Range InsightFilters Process Launched At Date Range - End string
- Start string
- date
Range InsightFilters Process Launched At Date Range - end String
- start String
- date
Range InsightFilters Process Launched At Date Range - end string
- start string
- date
Range Property Map - end String
- start String
InsightFiltersProcessLaunchedAtDateRange, InsightFiltersProcessLaunchedAtDateRangeArgs
InsightFiltersProcessName, InsightFiltersProcessNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersProcessParentPid, InsightFiltersProcessParentPidArgs
InsightFiltersProcessPath, InsightFiltersProcessPathArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersProcessPid, InsightFiltersProcessPidArgs
InsightFiltersProcessTerminatedAt, InsightFiltersProcessTerminatedAtArgs
- Date
Range InsightFilters Process Terminated At Date Range - End string
- Start string
- Date
Range InsightFilters Process Terminated At Date Range - End string
- Start string
- date
Range InsightFilters Process Terminated At Date Range - end String
- start String
- date
Range InsightFilters Process Terminated At Date Range - end string
- start string
- date
Range Property Map - end String
- start String
InsightFiltersProcessTerminatedAtDateRange, InsightFiltersProcessTerminatedAtDateRangeArgs
InsightFiltersProductArn, InsightFiltersProductArnArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersProductField, InsightFiltersProductFieldArgs
- Comparison string
- Key string
- Value string
- Comparison string
- Key string
- Value string
- comparison String
- key String
- value String
- comparison string
- key string
- value string
- comparison str
- key str
- value str
- comparison String
- key String
- value String
InsightFiltersProductName, InsightFiltersProductNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersRecommendationText, InsightFiltersRecommendationTextArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersRecordState, InsightFiltersRecordStateArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersRelatedFindingsId, InsightFiltersRelatedFindingsIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersRelatedFindingsProductArn, InsightFiltersRelatedFindingsProductArnArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn, InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsEc2InstanceImageId, InsightFiltersResourceAwsEc2InstanceImageIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsEc2InstanceIpv4Address, InsightFiltersResourceAwsEc2InstanceIpv4AddressArgs
- Cidr string
- Cidr string
- cidr String
- cidr string
- cidr str
- cidr String
InsightFiltersResourceAwsEc2InstanceIpv6Address, InsightFiltersResourceAwsEc2InstanceIpv6AddressArgs
- Cidr string
- Cidr string
- cidr String
- cidr string
- cidr str
- cidr String
InsightFiltersResourceAwsEc2InstanceKeyName, InsightFiltersResourceAwsEc2InstanceKeyNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsEc2InstanceLaunchedAt, InsightFiltersResourceAwsEc2InstanceLaunchedAtArgs
- date
Range Property Map - end String
- start String
InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRange, InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRangeArgs
InsightFiltersResourceAwsEc2InstanceSubnetId, InsightFiltersResourceAwsEc2InstanceSubnetIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsEc2InstanceType, InsightFiltersResourceAwsEc2InstanceTypeArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsEc2InstanceVpcId, InsightFiltersResourceAwsEc2InstanceVpcIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsIamAccessKeyCreatedAt, InsightFiltersResourceAwsIamAccessKeyCreatedAtArgs
- date
Range Property Map - end String
- start String
InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRange, InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRangeArgs
InsightFiltersResourceAwsIamAccessKeyStatus, InsightFiltersResourceAwsIamAccessKeyStatusArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsIamAccessKeyUserName, InsightFiltersResourceAwsIamAccessKeyUserNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsS3BucketOwnerId, InsightFiltersResourceAwsS3BucketOwnerIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceAwsS3BucketOwnerName, InsightFiltersResourceAwsS3BucketOwnerNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceContainerImageId, InsightFiltersResourceContainerImageIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceContainerImageName, InsightFiltersResourceContainerImageNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceContainerLaunchedAt, InsightFiltersResourceContainerLaunchedAtArgs
- date
Range Property Map - end String
- start String
InsightFiltersResourceContainerLaunchedAtDateRange, InsightFiltersResourceContainerLaunchedAtDateRangeArgs
InsightFiltersResourceContainerName, InsightFiltersResourceContainerNameArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceDetailsOther, InsightFiltersResourceDetailsOtherArgs
- Comparison string
- Key string
- Value string
- Comparison string
- Key string
- Value string
- comparison String
- key String
- value String
- comparison string
- key string
- value string
- comparison str
- key str
- value str
- comparison String
- key String
- value String
InsightFiltersResourceId, InsightFiltersResourceIdArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourcePartition, InsightFiltersResourcePartitionArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceRegion, InsightFiltersResourceRegionArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersResourceTag, InsightFiltersResourceTagArgs
- Comparison string
- Key string
- Value string
- Comparison string
- Key string
- Value string
- comparison String
- key String
- value String
- comparison string
- key string
- value string
- comparison str
- key str
- value str
- comparison String
- key String
- value String
InsightFiltersResourceType, InsightFiltersResourceTypeArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersSeverityLabel, InsightFiltersSeverityLabelArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersSourceUrl, InsightFiltersSourceUrlArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersThreatIntelIndicatorCategory, InsightFiltersThreatIntelIndicatorCategoryArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersThreatIntelIndicatorLastObservedAt, InsightFiltersThreatIntelIndicatorLastObservedAtArgs
- date
Range Property Map - end String
- start String
InsightFiltersThreatIntelIndicatorLastObservedAtDateRange, InsightFiltersThreatIntelIndicatorLastObservedAtDateRangeArgs
InsightFiltersThreatIntelIndicatorSource, InsightFiltersThreatIntelIndicatorSourceArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersThreatIntelIndicatorSourceUrl, InsightFiltersThreatIntelIndicatorSourceUrlArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersThreatIntelIndicatorType, InsightFiltersThreatIntelIndicatorTypeArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersThreatIntelIndicatorValue, InsightFiltersThreatIntelIndicatorValueArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersTitle, InsightFiltersTitleArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersType, InsightFiltersTypeArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersUpdatedAt, InsightFiltersUpdatedAtArgs
- Date
Range InsightFilters Updated At Date Range - End string
- Start string
- Date
Range InsightFilters Updated At Date Range - End string
- Start string
- date
Range InsightFilters Updated At Date Range - end String
- start String
- date
Range InsightFilters Updated At Date Range - end string
- start string
- date
Range Property Map - end String
- start String
InsightFiltersUpdatedAtDateRange, InsightFiltersUpdatedAtDateRangeArgs
InsightFiltersUserDefinedValue, InsightFiltersUserDefinedValueArgs
- Comparison string
- Key string
- Value string
- Comparison string
- Key string
- Value string
- comparison String
- key String
- value String
- comparison string
- key string
- value string
- comparison str
- key str
- value str
- comparison String
- key String
- value String
InsightFiltersVerificationState, InsightFiltersVerificationStateArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
InsightFiltersWorkflowStatus, InsightFiltersWorkflowStatusArgs
- Comparison string
- Value string
- Comparison string
- Value string
- comparison String
- value String
- comparison string
- value string
- comparison str
- value str
- comparison String
- value String
Import
Using pulumi import
, import Security Hub insights using the ARN. For example:
$ pulumi import aws:securityhub/insight:Insight example arn:aws:securityhub:us-west-2:1234567890:insight/1234567890/custom/91299ed7-abd0-4e44-a858-d0b15e37141a
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.
Try AWS Native preview for resources not in the classic version.