AWS Native is in preview. AWS Classic is fully supported.
aws-native.securityhub.AutomationRule
Explore with Pulumi AI
AWS Native is in preview. AWS Classic is fully supported.
The AWS::SecurityHub::AutomationRule
resource specifies an automation rule based on input parameters. For more information, see Automation rules in the User Guide.
Example Usage
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var ruleWithCriteriaActionsTags = new AwsNative.SecurityHub.AutomationRule("ruleWithCriteriaActionsTags", new()
{
RuleName = "Example rule name",
RuleOrder = 5,
Description = "Example rule description.",
IsTerminal = false,
RuleStatus = AwsNative.SecurityHub.AutomationRuleRuleStatus.Enabled,
Criteria = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFiltersArgs
{
ProductName = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "GuardDuty",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "SecurityHub",
},
},
CompanyName = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "AWS",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "Private",
},
},
ProductArn = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "arn:aws:securityhub:us-west-2:123456789012:product/aws",
},
},
AwsAccountId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "123456789012",
},
},
Id = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "example-finding-id",
},
},
GeneratorId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "example-generator-id",
},
},
Type = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "type-1",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "type-2",
},
},
Description = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "description1",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "description2",
},
},
SourceUrl = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "https",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "ftp",
},
},
Title = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "title-1",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "title-2",
},
},
SeverityLabel = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "LOW",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "HIGH",
},
},
ResourceType = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "AwsEc2Instance",
},
},
ResourcePartition = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "aws",
},
},
ResourceId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "i-1234567890",
},
},
ResourceRegion = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "us-west",
},
},
ComplianceStatus = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "FAILED",
},
},
ComplianceSecurityControlId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "EC2.3",
},
},
ComplianceAssociatedStandardsId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
},
},
VerificationState = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "BENIGN_POSITIVE",
},
},
RecordState = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "ACTIVE",
},
},
RelatedFindingsProductArn = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "arn:aws:securityhub:eu-central-1::product/aws/securityhub",
},
},
RelatedFindingsId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "example-finding-id-2",
},
},
NoteText = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "example-note-text",
},
},
NoteUpdatedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
{
Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
Value = 5,
},
},
},
NoteUpdatedBy = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "sechub",
},
},
WorkflowStatus = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "NEW",
},
},
FirstObservedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
{
Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
Value = 5,
},
},
},
LastObservedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
{
Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
Value = 5,
},
},
},
CreatedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
{
Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
Value = 5,
},
},
},
UpdatedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
Start = "2023-04-25T17:05:54.832Z",
End = "2023-05-25T17:05:54.832Z",
},
},
ResourceTags = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
Key = "department",
Value = "security",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
Key = "department",
Value = "operations",
},
},
UserDefinedFields = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,
Key = "key1",
Value = "security",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,
Key = "key2",
Value = "operations",
},
},
ResourceDetailsOther = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
Key = "area",
Value = "na",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
Key = "department",
Value = "sales",
},
},
Confidence = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs
{
Gte = 50,
Lte = 95,
},
},
Criticality = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs
{
Gte = 50,
Lte = 95,
},
},
},
Actions = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRulesActionArgs
{
Type = AwsNative.SecurityHub.AutomationRulesActionType.FindingFieldsUpdate,
FindingFieldsUpdate = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFieldsUpdateArgs
{
Severity = new AwsNative.SecurityHub.Inputs.AutomationRuleSeverityUpdateArgs
{
Product = 50,
Label = AwsNative.SecurityHub.AutomationRuleSeverityUpdateLabel.Medium,
Normalized = 60,
},
Types = new[]
{
"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
"Industry Compliance",
},
Confidence = 98,
Criticality = 95,
UserDefinedFields =
{
{ "key1", "value1" },
{ "key2", "value2" },
},
RelatedFindings = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs
{
ProductArn = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
Id = "sample-finding-id-1",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs
{
ProductArn = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
Id = "sample-finding-id-2",
},
},
Note = new AwsNative.SecurityHub.Inputs.AutomationRuleNoteUpdateArgs
{
Text = "sample-note-text",
UpdatedBy = "sechub",
},
VerificationState = AwsNative.SecurityHub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,
Workflow = new AwsNative.SecurityHub.Inputs.AutomationRuleWorkflowUpdateArgs
{
Status = AwsNative.SecurityHub.AutomationRuleWorkflowUpdateStatus.Notified,
},
},
},
},
Tags =
{
{ "sampleTag", "sampleValue" },
{ "organizationUnit", "pnw" },
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := securityhub.NewAutomationRule(ctx, "ruleWithCriteriaActionsTags", &securityhub.AutomationRuleArgs{
RuleName: pulumi.String("Example rule name"),
RuleOrder: pulumi.Int(5),
Description: pulumi.String("Example rule description."),
IsTerminal: pulumi.Bool(false),
RuleStatus: securityhub.AutomationRuleRuleStatusEnabled,
Criteria: &securityhub.AutomationRulesFindingFiltersArgs{
ProductName: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("GuardDuty"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("SecurityHub"),
},
},
CompanyName: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("AWS"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("Private"),
},
},
ProductArn: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/aws"),
},
},
AwsAccountId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("123456789012"),
},
},
Id: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("example-finding-id"),
},
},
GeneratorId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("example-generator-id"),
},
},
Type: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("type-1"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("type-2"),
},
},
Description: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("description1"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("description2"),
},
},
SourceUrl: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("https"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("ftp"),
},
},
Title: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("title-1"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("title-2"),
},
},
SeverityLabel: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("LOW"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("HIGH"),
},
},
ResourceType: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("AwsEc2Instance"),
},
},
ResourcePartition: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("aws"),
},
},
ResourceId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("i-1234567890"),
},
},
ResourceRegion: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("us-west"),
},
},
ComplianceStatus: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("FAILED"),
},
},
ComplianceSecurityControlId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("EC2.3"),
},
},
ComplianceAssociatedStandardsId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("ruleset/cis-aws-foundations-benchmark/v/1.2.0"),
},
},
VerificationState: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("BENIGN_POSITIVE"),
},
},
RecordState: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("ACTIVE"),
},
},
RelatedFindingsProductArn: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("arn:aws:securityhub:eu-central-1::product/aws/securityhub"),
},
},
RelatedFindingsId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("example-finding-id-2"),
},
},
NoteText: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("example-note-text"),
},
},
NoteUpdatedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
DateRange: &securityhub.AutomationRuleDateRangeArgs{
Unit: securityhub.AutomationRuleDateRangeUnitDays,
Value: pulumi.Float64(5),
},
},
},
NoteUpdatedBy: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("sechub"),
},
},
WorkflowStatus: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("NEW"),
},
},
FirstObservedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
DateRange: &securityhub.AutomationRuleDateRangeArgs{
Unit: securityhub.AutomationRuleDateRangeUnitDays,
Value: pulumi.Float64(5),
},
},
},
LastObservedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
DateRange: &securityhub.AutomationRuleDateRangeArgs{
Unit: securityhub.AutomationRuleDateRangeUnitDays,
Value: pulumi.Float64(5),
},
},
},
CreatedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
DateRange: &securityhub.AutomationRuleDateRangeArgs{
Unit: securityhub.AutomationRuleDateRangeUnitDays,
Value: pulumi.Float64(5),
},
},
},
UpdatedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
Start: pulumi.String("2023-04-25T17:05:54.832Z"),
End: pulumi.String("2023-05-25T17:05:54.832Z"),
},
},
ResourceTags: securityhub.AutomationRuleMapFilterArray{
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
Key: pulumi.String("department"),
Value: pulumi.String("security"),
},
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
Key: pulumi.String("department"),
Value: pulumi.String("operations"),
},
},
UserDefinedFields: securityhub.AutomationRuleMapFilterArray{
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonEquals,
Key: pulumi.String("key1"),
Value: pulumi.String("security"),
},
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonEquals,
Key: pulumi.String("key2"),
Value: pulumi.String("operations"),
},
},
ResourceDetailsOther: securityhub.AutomationRuleMapFilterArray{
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
Key: pulumi.String("area"),
Value: pulumi.String("na"),
},
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
Key: pulumi.String("department"),
Value: pulumi.String("sales"),
},
},
Confidence: securityhub.AutomationRuleNumberFilterArray{
&securityhub.AutomationRuleNumberFilterArgs{
Gte: pulumi.Float64(50),
Lte: pulumi.Float64(95),
},
},
Criticality: securityhub.AutomationRuleNumberFilterArray{
&securityhub.AutomationRuleNumberFilterArgs{
Gte: pulumi.Float64(50),
Lte: pulumi.Float64(95),
},
},
},
Actions: securityhub.AutomationRulesActionArray{
&securityhub.AutomationRulesActionArgs{
Type: securityhub.AutomationRulesActionTypeFindingFieldsUpdate,
FindingFieldsUpdate: &securityhub.AutomationRulesFindingFieldsUpdateArgs{
Severity: &securityhub.AutomationRuleSeverityUpdateArgs{
Product: pulumi.Float64(50),
Label: securityhub.AutomationRuleSeverityUpdateLabelMedium,
Normalized: pulumi.Int(60),
},
Types: pulumi.StringArray{
pulumi.String("Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices"),
pulumi.String("Industry Compliance"),
},
Confidence: pulumi.Int(98),
Criticality: pulumi.Int(95),
UserDefinedFields: pulumi.StringMap{
"key1": pulumi.String("value1"),
"key2": pulumi.String("value2"),
},
RelatedFindings: securityhub.AutomationRuleRelatedFindingArray{
&securityhub.AutomationRuleRelatedFindingArgs{
ProductArn: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
Id: pulumi.String("sample-finding-id-1"),
},
&securityhub.AutomationRuleRelatedFindingArgs{
ProductArn: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
Id: pulumi.String("sample-finding-id-2"),
},
},
Note: &securityhub.AutomationRuleNoteUpdateArgs{
Text: pulumi.String("sample-note-text"),
UpdatedBy: pulumi.String("sechub"),
},
VerificationState: securityhub.AutomationRulesFindingFieldsUpdateVerificationStateTruePositive,
Workflow: &securityhub.AutomationRuleWorkflowUpdateArgs{
Status: securityhub.AutomationRuleWorkflowUpdateStatusNotified,
},
},
},
},
Tags: pulumi.StringMap{
"sampleTag": pulumi.String("sampleValue"),
"organizationUnit": pulumi.String("pnw"),
},
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
rule_with_criteria_actions_tags = aws_native.securityhub.AutomationRule("ruleWithCriteriaActionsTags",
rule_name="Example rule name",
rule_order=5,
description="Example rule description.",
is_terminal=False,
rule_status=aws_native.securityhub.AutomationRuleRuleStatus.ENABLED,
criteria=aws_native.securityhub.AutomationRulesFindingFiltersArgs(
product_name=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="GuardDuty",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="SecurityHub",
),
],
company_name=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="AWS",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="Private",
),
],
product_arn=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="arn:aws:securityhub:us-west-2:123456789012:product/aws",
),
],
aws_account_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="123456789012",
)],
id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="example-finding-id",
)],
generator_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="example-generator-id",
)],
type=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="type-1",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="type-2",
),
],
description=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="description1",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="description2",
),
],
source_url=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="https",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="ftp",
),
],
title=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="title-1",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="title-2",
),
],
severity_label=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="LOW",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="HIGH",
),
],
resource_type=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="AwsEc2Instance",
)],
resource_partition=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="aws",
)],
resource_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="i-1234567890",
)],
resource_region=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="us-west",
)],
compliance_status=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="FAILED",
)],
compliance_security_control_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="EC2.3",
)],
compliance_associated_standards_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="ruleset/cis-aws-foundations-benchmark/v/1.2.0",
)],
verification_state=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="BENIGN_POSITIVE",
)],
record_state=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="ACTIVE",
)],
related_findings_product_arn=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="arn:aws:securityhub:eu-central-1::product/aws/securityhub",
)],
related_findings_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="example-finding-id-2",
)],
note_text=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="example-note-text",
)],
note_updated_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
value=5,
),
)],
note_updated_by=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="sechub",
)],
workflow_status=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="NEW",
)],
first_observed_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
value=5,
),
)],
last_observed_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
value=5,
),
)],
created_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
value=5,
),
)],
updated_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
start="2023-04-25T17:05:54.832Z",
end="2023-05-25T17:05:54.832Z",
)],
resource_tags=[
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
key="department",
value="security",
),
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
key="department",
value="operations",
),
],
user_defined_fields=[
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,
key="key1",
value="security",
),
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,
key="key2",
value="operations",
),
],
resource_details_other=[
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
key="area",
value="na",
),
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
key="department",
value="sales",
),
],
confidence=[aws_native.securityhub.AutomationRuleNumberFilterArgs(
gte=50,
lte=95,
)],
criticality=[aws_native.securityhub.AutomationRuleNumberFilterArgs(
gte=50,
lte=95,
)],
),
actions=[aws_native.securityhub.AutomationRulesActionArgs(
type=aws_native.securityhub.AutomationRulesActionType.FINDING_FIELDS_UPDATE,
finding_fields_update=aws_native.securityhub.AutomationRulesFindingFieldsUpdateArgs(
severity=aws_native.securityhub.AutomationRuleSeverityUpdateArgs(
product=50,
label=aws_native.securityhub.AutomationRuleSeverityUpdateLabel.MEDIUM,
normalized=60,
),
types=[
"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
"Industry Compliance",
],
confidence=98,
criticality=95,
user_defined_fields={
"key1": "value1",
"key2": "value2",
},
related_findings=[
aws_native.securityhub.AutomationRuleRelatedFindingArgs(
product_arn="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
id="sample-finding-id-1",
),
aws_native.securityhub.AutomationRuleRelatedFindingArgs(
product_arn="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
id="sample-finding-id-2",
),
],
note=aws_native.securityhub.AutomationRuleNoteUpdateArgs(
text="sample-note-text",
updated_by="sechub",
),
verification_state=aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TRUE_POSITIVE,
workflow=aws_native.securityhub.AutomationRuleWorkflowUpdateArgs(
status=aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.NOTIFIED,
),
),
)],
tags={
"sampleTag": "sampleValue",
"organizationUnit": "pnw",
})
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const ruleWithCriteriaActionsTags = new aws_native.securityhub.AutomationRule("ruleWithCriteriaActionsTags", {
ruleName: "Example rule name",
ruleOrder: 5,
description: "Example rule description.",
isTerminal: false,
ruleStatus: aws_native.securityhub.AutomationRuleRuleStatus.Enabled,
criteria: {
productName: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "GuardDuty",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "SecurityHub",
},
],
companyName: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "AWS",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "Private",
},
],
productArn: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "arn:aws:securityhub:us-west-2:123456789012:product/aws",
},
],
awsAccountId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "123456789012",
}],
id: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "example-finding-id",
}],
generatorId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "example-generator-id",
}],
type: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "type-1",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "type-2",
},
],
description: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "description1",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "description2",
},
],
sourceUrl: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "https",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "ftp",
},
],
title: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "title-1",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "title-2",
},
],
severityLabel: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "LOW",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "HIGH",
},
],
resourceType: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "AwsEc2Instance",
}],
resourcePartition: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "aws",
}],
resourceId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "i-1234567890",
}],
resourceRegion: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "us-west",
}],
complianceStatus: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "FAILED",
}],
complianceSecurityControlId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "EC2.3",
}],
complianceAssociatedStandardsId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
}],
verificationState: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "BENIGN_POSITIVE",
}],
recordState: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "ACTIVE",
}],
relatedFindingsProductArn: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "arn:aws:securityhub:eu-central-1::product/aws/securityhub",
}],
relatedFindingsId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "example-finding-id-2",
}],
noteText: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "example-note-text",
}],
noteUpdatedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 5,
},
}],
noteUpdatedBy: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "sechub",
}],
workflowStatus: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "NEW",
}],
firstObservedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 5,
},
}],
lastObservedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 5,
},
}],
createdAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 5,
},
}],
updatedAt: [{
start: "2023-04-25T17:05:54.832Z",
end: "2023-05-25T17:05:54.832Z",
}],
resourceTags: [
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
key: "department",
value: "security",
},
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
key: "department",
value: "operations",
},
],
userDefinedFields: [
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
key: "key1",
value: "security",
},
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
key: "key2",
value: "operations",
},
],
resourceDetailsOther: [
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
key: "area",
value: "na",
},
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
key: "department",
value: "sales",
},
],
confidence: [{
gte: 50,
lte: 95,
}],
criticality: [{
gte: 50,
lte: 95,
}],
},
actions: [{
type: aws_native.securityhub.AutomationRulesActionType.FindingFieldsUpdate,
findingFieldsUpdate: {
severity: {
product: 50,
label: aws_native.securityhub.AutomationRuleSeverityUpdateLabel.Medium,
normalized: 60,
},
types: [
"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
"Industry Compliance",
],
confidence: 98,
criticality: 95,
userDefinedFields: {
key1: "value1",
key2: "value2",
},
relatedFindings: [
{
productArn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
id: "sample-finding-id-1",
},
{
productArn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
id: "sample-finding-id-2",
},
],
note: {
text: "sample-note-text",
updatedBy: "sechub",
},
verificationState: aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,
workflow: {
status: aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.Notified,
},
},
}],
tags: {
sampleTag: "sampleValue",
organizationUnit: "pnw",
},
});
Coming soon!
Example
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;
return await Deployment.RunAsync(() =>
{
var ruleWithCriteriaActionsTags = new AwsNative.SecurityHub.AutomationRule("ruleWithCriteriaActionsTags", new()
{
RuleName = "Example rule name",
RuleOrder = 5,
Description = "Example rule description.",
IsTerminal = false,
RuleStatus = AwsNative.SecurityHub.AutomationRuleRuleStatus.Enabled,
Criteria = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFiltersArgs
{
ProductName = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "GuardDuty",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "SecurityHub",
},
},
CompanyName = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "AWS",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "Private",
},
},
ProductArn = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "arn:aws:securityhub:us-west-2:123456789012:product/aws",
},
},
AwsAccountId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "123456789012",
},
},
Id = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "example-finding-id",
},
},
GeneratorId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "example-generator-id",
},
},
Type = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "type-1",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "type-2",
},
},
Description = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "description1",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "description2",
},
},
SourceUrl = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "https",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "ftp",
},
},
Title = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "title-1",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "title-2",
},
},
SeverityLabel = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "LOW",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "HIGH",
},
},
ResourceType = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "AwsEc2Instance",
},
},
ResourcePartition = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "aws",
},
},
ResourceId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "i-1234567890",
},
},
ResourceRegion = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "us-west",
},
},
ComplianceStatus = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "FAILED",
},
},
ComplianceSecurityControlId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "EC2.3",
},
},
ComplianceAssociatedStandardsId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
},
},
VerificationState = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "BENIGN_POSITIVE",
},
},
RecordState = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "ACTIVE",
},
},
RelatedFindingsProductArn = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "arn:aws:securityhub:eu-central-1::product/aws/securityhub",
},
},
RelatedFindingsId = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "example-finding-id-2",
},
},
NoteText = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "example-note-text",
},
},
NoteUpdatedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
{
Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
Value = 5,
},
},
},
NoteUpdatedBy = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
Value = "sechub",
},
},
WorkflowStatus = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
Value = "NEW",
},
},
FirstObservedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
{
Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
Value = 5,
},
},
},
LastObservedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
{
Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
Value = 5,
},
},
},
CreatedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
{
Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
Value = 5,
},
},
},
UpdatedAt = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
{
Start = "2023-04-25T17:05:54.832Z",
End = "2023-05-25T17:05:54.832Z",
},
},
ResourceTags = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
Key = "department",
Value = "security",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
Key = "department",
Value = "operations",
},
},
UserDefinedFields = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,
Key = "key1",
Value = "security",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,
Key = "key2",
Value = "operations",
},
},
ResourceDetailsOther = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
Key = "area",
Value = "na",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
{
Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
Key = "department",
Value = "sales",
},
},
Confidence = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs
{
Gte = 50,
Lte = 95,
},
},
Criticality = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs
{
Gte = 50,
Lte = 95,
},
},
},
Actions = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRulesActionArgs
{
Type = AwsNative.SecurityHub.AutomationRulesActionType.FindingFieldsUpdate,
FindingFieldsUpdate = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFieldsUpdateArgs
{
Severity = new AwsNative.SecurityHub.Inputs.AutomationRuleSeverityUpdateArgs
{
Product = 50,
Label = AwsNative.SecurityHub.AutomationRuleSeverityUpdateLabel.Medium,
Normalized = 60,
},
Types = new[]
{
"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
"Industry Compliance",
},
Confidence = 98,
Criticality = 95,
UserDefinedFields =
{
{ "key1", "value1" },
{ "key2", "value2" },
},
RelatedFindings = new[]
{
new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs
{
ProductArn = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
Id = "sample-finding-id-1",
},
new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs
{
ProductArn = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
Id = "sample-finding-id-2",
},
},
Note = new AwsNative.SecurityHub.Inputs.AutomationRuleNoteUpdateArgs
{
Text = "sample-note-text",
UpdatedBy = "sechub",
},
VerificationState = AwsNative.SecurityHub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,
Workflow = new AwsNative.SecurityHub.Inputs.AutomationRuleWorkflowUpdateArgs
{
Status = AwsNative.SecurityHub.AutomationRuleWorkflowUpdateStatus.Notified,
},
},
},
},
Tags =
{
{ "sampleTag", "sampleValue" },
{ "organizationUnit", "pnw" },
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws-native/sdk/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := securityhub.NewAutomationRule(ctx, "ruleWithCriteriaActionsTags", &securityhub.AutomationRuleArgs{
RuleName: pulumi.String("Example rule name"),
RuleOrder: pulumi.Int(5),
Description: pulumi.String("Example rule description."),
IsTerminal: pulumi.Bool(false),
RuleStatus: securityhub.AutomationRuleRuleStatusEnabled,
Criteria: &securityhub.AutomationRulesFindingFiltersArgs{
ProductName: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("GuardDuty"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("SecurityHub"),
},
},
CompanyName: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("AWS"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("Private"),
},
},
ProductArn: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/aws"),
},
},
AwsAccountId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("123456789012"),
},
},
Id: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("example-finding-id"),
},
},
GeneratorId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("example-generator-id"),
},
},
Type: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("type-1"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("type-2"),
},
},
Description: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("description1"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("description2"),
},
},
SourceUrl: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("https"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("ftp"),
},
},
Title: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("title-1"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("title-2"),
},
},
SeverityLabel: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("LOW"),
},
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("HIGH"),
},
},
ResourceType: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("AwsEc2Instance"),
},
},
ResourcePartition: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("aws"),
},
},
ResourceId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("i-1234567890"),
},
},
ResourceRegion: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("us-west"),
},
},
ComplianceStatus: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("FAILED"),
},
},
ComplianceSecurityControlId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("EC2.3"),
},
},
ComplianceAssociatedStandardsId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("ruleset/cis-aws-foundations-benchmark/v/1.2.0"),
},
},
VerificationState: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("BENIGN_POSITIVE"),
},
},
RecordState: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("ACTIVE"),
},
},
RelatedFindingsProductArn: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("arn:aws:securityhub:eu-central-1::product/aws/securityhub"),
},
},
RelatedFindingsId: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("example-finding-id-2"),
},
},
NoteText: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("example-note-text"),
},
},
NoteUpdatedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
DateRange: &securityhub.AutomationRuleDateRangeArgs{
Unit: securityhub.AutomationRuleDateRangeUnitDays,
Value: pulumi.Float64(5),
},
},
},
NoteUpdatedBy: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
Value: pulumi.String("sechub"),
},
},
WorkflowStatus: securityhub.AutomationRuleStringFilterArray{
&securityhub.AutomationRuleStringFilterArgs{
Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
Value: pulumi.String("NEW"),
},
},
FirstObservedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
DateRange: &securityhub.AutomationRuleDateRangeArgs{
Unit: securityhub.AutomationRuleDateRangeUnitDays,
Value: pulumi.Float64(5),
},
},
},
LastObservedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
DateRange: &securityhub.AutomationRuleDateRangeArgs{
Unit: securityhub.AutomationRuleDateRangeUnitDays,
Value: pulumi.Float64(5),
},
},
},
CreatedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
DateRange: &securityhub.AutomationRuleDateRangeArgs{
Unit: securityhub.AutomationRuleDateRangeUnitDays,
Value: pulumi.Float64(5),
},
},
},
UpdatedAt: securityhub.AutomationRuleDateFilterArray{
&securityhub.AutomationRuleDateFilterArgs{
Start: pulumi.String("2023-04-25T17:05:54.832Z"),
End: pulumi.String("2023-05-25T17:05:54.832Z"),
},
},
ResourceTags: securityhub.AutomationRuleMapFilterArray{
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
Key: pulumi.String("department"),
Value: pulumi.String("security"),
},
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
Key: pulumi.String("department"),
Value: pulumi.String("operations"),
},
},
UserDefinedFields: securityhub.AutomationRuleMapFilterArray{
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonEquals,
Key: pulumi.String("key1"),
Value: pulumi.String("security"),
},
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonEquals,
Key: pulumi.String("key2"),
Value: pulumi.String("operations"),
},
},
ResourceDetailsOther: securityhub.AutomationRuleMapFilterArray{
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
Key: pulumi.String("area"),
Value: pulumi.String("na"),
},
&securityhub.AutomationRuleMapFilterArgs{
Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
Key: pulumi.String("department"),
Value: pulumi.String("sales"),
},
},
Confidence: securityhub.AutomationRuleNumberFilterArray{
&securityhub.AutomationRuleNumberFilterArgs{
Gte: pulumi.Float64(50),
Lte: pulumi.Float64(95),
},
},
Criticality: securityhub.AutomationRuleNumberFilterArray{
&securityhub.AutomationRuleNumberFilterArgs{
Gte: pulumi.Float64(50),
Lte: pulumi.Float64(95),
},
},
},
Actions: securityhub.AutomationRulesActionArray{
&securityhub.AutomationRulesActionArgs{
Type: securityhub.AutomationRulesActionTypeFindingFieldsUpdate,
FindingFieldsUpdate: &securityhub.AutomationRulesFindingFieldsUpdateArgs{
Severity: &securityhub.AutomationRuleSeverityUpdateArgs{
Product: pulumi.Float64(50),
Label: securityhub.AutomationRuleSeverityUpdateLabelMedium,
Normalized: pulumi.Int(60),
},
Types: pulumi.StringArray{
pulumi.String("Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices"),
pulumi.String("Industry Compliance"),
},
Confidence: pulumi.Int(98),
Criticality: pulumi.Int(95),
UserDefinedFields: pulumi.StringMap{
"key1": pulumi.String("value1"),
"key2": pulumi.String("value2"),
},
RelatedFindings: securityhub.AutomationRuleRelatedFindingArray{
&securityhub.AutomationRuleRelatedFindingArgs{
ProductArn: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
Id: pulumi.String("sample-finding-id-1"),
},
&securityhub.AutomationRuleRelatedFindingArgs{
ProductArn: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
Id: pulumi.String("sample-finding-id-2"),
},
},
Note: &securityhub.AutomationRuleNoteUpdateArgs{
Text: pulumi.String("sample-note-text"),
UpdatedBy: pulumi.String("sechub"),
},
VerificationState: securityhub.AutomationRulesFindingFieldsUpdateVerificationStateTruePositive,
Workflow: &securityhub.AutomationRuleWorkflowUpdateArgs{
Status: securityhub.AutomationRuleWorkflowUpdateStatusNotified,
},
},
},
},
Tags: pulumi.StringMap{
"sampleTag": pulumi.String("sampleValue"),
"organizationUnit": pulumi.String("pnw"),
},
})
if err != nil {
return err
}
return nil
})
}
Coming soon!
import pulumi
import pulumi_aws_native as aws_native
rule_with_criteria_actions_tags = aws_native.securityhub.AutomationRule("ruleWithCriteriaActionsTags",
rule_name="Example rule name",
rule_order=5,
description="Example rule description.",
is_terminal=False,
rule_status=aws_native.securityhub.AutomationRuleRuleStatus.ENABLED,
criteria=aws_native.securityhub.AutomationRulesFindingFiltersArgs(
product_name=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="GuardDuty",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="SecurityHub",
),
],
company_name=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="AWS",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="Private",
),
],
product_arn=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="arn:aws:securityhub:us-west-2:123456789012:product/aws",
),
],
aws_account_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="123456789012",
)],
id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="example-finding-id",
)],
generator_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="example-generator-id",
)],
type=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="type-1",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="type-2",
),
],
description=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="description1",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="description2",
),
],
source_url=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="https",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="ftp",
),
],
title=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="title-1",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="title-2",
),
],
severity_label=[
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="LOW",
),
aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="HIGH",
),
],
resource_type=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="AwsEc2Instance",
)],
resource_partition=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="aws",
)],
resource_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="i-1234567890",
)],
resource_region=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="us-west",
)],
compliance_status=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="FAILED",
)],
compliance_security_control_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="EC2.3",
)],
compliance_associated_standards_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="ruleset/cis-aws-foundations-benchmark/v/1.2.0",
)],
verification_state=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="BENIGN_POSITIVE",
)],
record_state=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="ACTIVE",
)],
related_findings_product_arn=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="arn:aws:securityhub:eu-central-1::product/aws/securityhub",
)],
related_findings_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="example-finding-id-2",
)],
note_text=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="example-note-text",
)],
note_updated_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
value=5,
),
)],
note_updated_by=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
value="sechub",
)],
workflow_status=[aws_native.securityhub.AutomationRuleStringFilterArgs(
comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
value="NEW",
)],
first_observed_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
value=5,
),
)],
last_observed_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
value=5,
),
)],
created_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
value=5,
),
)],
updated_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
start="2023-04-25T17:05:54.832Z",
end="2023-05-25T17:05:54.832Z",
)],
resource_tags=[
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
key="department",
value="security",
),
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
key="department",
value="operations",
),
],
user_defined_fields=[
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,
key="key1",
value="security",
),
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,
key="key2",
value="operations",
),
],
resource_details_other=[
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
key="area",
value="na",
),
aws_native.securityhub.AutomationRuleMapFilterArgs(
comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
key="department",
value="sales",
),
],
confidence=[aws_native.securityhub.AutomationRuleNumberFilterArgs(
gte=50,
lte=95,
)],
criticality=[aws_native.securityhub.AutomationRuleNumberFilterArgs(
gte=50,
lte=95,
)],
),
actions=[aws_native.securityhub.AutomationRulesActionArgs(
type=aws_native.securityhub.AutomationRulesActionType.FINDING_FIELDS_UPDATE,
finding_fields_update=aws_native.securityhub.AutomationRulesFindingFieldsUpdateArgs(
severity=aws_native.securityhub.AutomationRuleSeverityUpdateArgs(
product=50,
label=aws_native.securityhub.AutomationRuleSeverityUpdateLabel.MEDIUM,
normalized=60,
),
types=[
"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
"Industry Compliance",
],
confidence=98,
criticality=95,
user_defined_fields={
"key1": "value1",
"key2": "value2",
},
related_findings=[
aws_native.securityhub.AutomationRuleRelatedFindingArgs(
product_arn="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
id="sample-finding-id-1",
),
aws_native.securityhub.AutomationRuleRelatedFindingArgs(
product_arn="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
id="sample-finding-id-2",
),
],
note=aws_native.securityhub.AutomationRuleNoteUpdateArgs(
text="sample-note-text",
updated_by="sechub",
),
verification_state=aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TRUE_POSITIVE,
workflow=aws_native.securityhub.AutomationRuleWorkflowUpdateArgs(
status=aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.NOTIFIED,
),
),
)],
tags={
"sampleTag": "sampleValue",
"organizationUnit": "pnw",
})
import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";
const ruleWithCriteriaActionsTags = new aws_native.securityhub.AutomationRule("ruleWithCriteriaActionsTags", {
ruleName: "Example rule name",
ruleOrder: 5,
description: "Example rule description.",
isTerminal: false,
ruleStatus: aws_native.securityhub.AutomationRuleRuleStatus.Enabled,
criteria: {
productName: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "GuardDuty",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "SecurityHub",
},
],
companyName: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "AWS",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "Private",
},
],
productArn: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "arn:aws:securityhub:us-west-2:123456789012:product/aws",
},
],
awsAccountId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "123456789012",
}],
id: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "example-finding-id",
}],
generatorId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "example-generator-id",
}],
type: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "type-1",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "type-2",
},
],
description: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "description1",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "description2",
},
],
sourceUrl: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "https",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "ftp",
},
],
title: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "title-1",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "title-2",
},
],
severityLabel: [
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "LOW",
},
{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "HIGH",
},
],
resourceType: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "AwsEc2Instance",
}],
resourcePartition: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "aws",
}],
resourceId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "i-1234567890",
}],
resourceRegion: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "us-west",
}],
complianceStatus: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "FAILED",
}],
complianceSecurityControlId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "EC2.3",
}],
complianceAssociatedStandardsId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
}],
verificationState: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "BENIGN_POSITIVE",
}],
recordState: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "ACTIVE",
}],
relatedFindingsProductArn: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "arn:aws:securityhub:eu-central-1::product/aws/securityhub",
}],
relatedFindingsId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "example-finding-id-2",
}],
noteText: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "example-note-text",
}],
noteUpdatedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 5,
},
}],
noteUpdatedBy: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
value: "sechub",
}],
workflowStatus: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "NEW",
}],
firstObservedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 5,
},
}],
lastObservedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 5,
},
}],
createdAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 5,
},
}],
updatedAt: [{
start: "2023-04-25T17:05:54.832Z",
end: "2023-05-25T17:05:54.832Z",
}],
resourceTags: [
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
key: "department",
value: "security",
},
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
key: "department",
value: "operations",
},
],
userDefinedFields: [
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
key: "key1",
value: "security",
},
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
key: "key2",
value: "operations",
},
],
resourceDetailsOther: [
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
key: "area",
value: "na",
},
{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
key: "department",
value: "sales",
},
],
confidence: [{
gte: 50,
lte: 95,
}],
criticality: [{
gte: 50,
lte: 95,
}],
},
actions: [{
type: aws_native.securityhub.AutomationRulesActionType.FindingFieldsUpdate,
findingFieldsUpdate: {
severity: {
product: 50,
label: aws_native.securityhub.AutomationRuleSeverityUpdateLabel.Medium,
normalized: 60,
},
types: [
"Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
"Industry Compliance",
],
confidence: 98,
criticality: 95,
userDefinedFields: {
key1: "value1",
key2: "value2",
},
relatedFindings: [
{
productArn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
id: "sample-finding-id-1",
},
{
productArn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
id: "sample-finding-id-2",
},
],
note: {
text: "sample-note-text",
updatedBy: "sechub",
},
verificationState: aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,
workflow: {
status: aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.Notified,
},
},
}],
tags: {
sampleTag: "sampleValue",
organizationUnit: "pnw",
},
});
Coming soon!
Create AutomationRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AutomationRule(name: string, args?: AutomationRuleArgs, opts?: CustomResourceOptions);
@overload
def AutomationRule(resource_name: str,
args: Optional[AutomationRuleArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def AutomationRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
actions: Optional[Sequence[AutomationRulesActionArgs]] = None,
criteria: Optional[AutomationRulesFindingFiltersArgs] = None,
description: Optional[str] = None,
is_terminal: Optional[bool] = None,
rule_name: Optional[str] = None,
rule_order: Optional[int] = None,
rule_status: Optional[AutomationRuleRuleStatus] = None,
tags: Optional[Mapping[str, str]] = None)
func NewAutomationRule(ctx *Context, name string, args *AutomationRuleArgs, opts ...ResourceOption) (*AutomationRule, error)
public AutomationRule(string name, AutomationRuleArgs? args = null, CustomResourceOptions? opts = null)
public AutomationRule(String name, AutomationRuleArgs args)
public AutomationRule(String name, AutomationRuleArgs args, CustomResourceOptions options)
type: aws-native:securityhub:AutomationRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AutomationRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AutomationRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AutomationRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AutomationRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AutomationRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
Coming soon!
Coming soon!
Coming soon!
Coming soon!
const automationRuleResource = new aws_native.securityhub.AutomationRule("automationRuleResource", {
actions: [{
findingFieldsUpdate: {
confidence: 0,
criticality: 0,
note: {
text: "string",
updatedBy: "string",
},
relatedFindings: [{
id: "string",
productArn: "string",
}],
severity: {
label: aws_native.securityhub.AutomationRuleSeverityUpdateLabel.Informational,
normalized: 0,
product: 0,
},
types: ["string"],
userDefinedFields: {
string: "string",
},
verificationState: aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.Unknown,
workflow: {
status: aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.New,
},
},
type: aws_native.securityhub.AutomationRulesActionType.FindingFieldsUpdate,
}],
criteria: {
awsAccountId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
companyName: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
complianceAssociatedStandardsId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
complianceSecurityControlId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
complianceStatus: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
confidence: [{
eq: 0,
gte: 0,
lte: 0,
}],
createdAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 0,
},
end: "string",
start: "string",
}],
criticality: [{
eq: 0,
gte: 0,
lte: 0,
}],
description: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
firstObservedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 0,
},
end: "string",
start: "string",
}],
generatorId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
id: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
lastObservedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 0,
},
end: "string",
start: "string",
}],
noteText: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
noteUpdatedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 0,
},
end: "string",
start: "string",
}],
noteUpdatedBy: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
productArn: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
productName: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
recordState: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
relatedFindingsId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
relatedFindingsProductArn: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
resourceDetailsOther: [{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
key: "string",
value: "string",
}],
resourceId: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
resourcePartition: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
resourceRegion: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
resourceTags: [{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
key: "string",
value: "string",
}],
resourceType: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
severityLabel: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
sourceUrl: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
title: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
type: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
updatedAt: [{
dateRange: {
unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
value: 0,
},
end: "string",
start: "string",
}],
userDefinedFields: [{
comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
key: "string",
value: "string",
}],
verificationState: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
workflowStatus: [{
comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
value: "string",
}],
},
description: "string",
isTerminal: false,
ruleName: "string",
ruleOrder: 0,
ruleStatus: aws_native.securityhub.AutomationRuleRuleStatus.Enabled,
tags: {
string: "string",
},
});
Coming soon!
AutomationRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AutomationRule resource accepts the following input properties:
- Actions
List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rules Action> - Criteria
Pulumi.
Aws Native. Security Hub. Inputs. Automation Rules Finding Filters - A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
- Description string
- Is
Terminal bool - Rule
Name string - Rule
Order int - Rule
Status Pulumi.Aws Native. Security Hub. Automation Rule Rule Status - Whether the rule is active after it is created. If this parameter is equal to
ENABLED
, ASH applies the rule to findings and finding updates after the rule is created. - Dictionary<string, string>
- Actions
[]Automation
Rules Action Args - Criteria
Automation
Rules Finding Filters Args - A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
- Description string
- Is
Terminal bool - Rule
Name string - Rule
Order int - Rule
Status AutomationRule Rule Status - Whether the rule is active after it is created. If this parameter is equal to
ENABLED
, ASH applies the rule to findings and finding updates after the rule is created. - map[string]string
- actions
List<Automation
Rules Action> - criteria
Automation
Rules Finding Filters - A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
- description String
- is
Terminal Boolean - rule
Name String - rule
Order Integer - rule
Status AutomationRule Rule Status - Whether the rule is active after it is created. If this parameter is equal to
ENABLED
, ASH applies the rule to findings and finding updates after the rule is created. - Map<String,String>
- actions
Automation
Rules Action[] - criteria
Automation
Rules Finding Filters - A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
- description string
- is
Terminal boolean - rule
Name string - rule
Order number - rule
Status AutomationRule Rule Status - Whether the rule is active after it is created. If this parameter is equal to
ENABLED
, ASH applies the rule to findings and finding updates after the rule is created. - {[key: string]: string}
- actions
Sequence[Automation
Rules Action Args] - criteria
Automation
Rules Finding Filters Args - A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
- description str
- is_
terminal bool - rule_
name str - rule_
order int - rule_
status AutomationRule Rule Status - Whether the rule is active after it is created. If this parameter is equal to
ENABLED
, ASH applies the rule to findings and finding updates after the rule is created. - Mapping[str, str]
- actions List<Property Map>
- criteria Property Map
- A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
- description String
- is
Terminal Boolean - rule
Name String - rule
Order Number - rule
Status "ENABLED" | "DISABLED" - Whether the rule is active after it is created. If this parameter is equal to
ENABLED
, ASH applies the rule to findings and finding updates after the rule is created. - Map<String>
Outputs
All input properties are implicitly available as output properties. Additionally, the AutomationRule resource produces the following output properties:
- created_
at str - created_
by str - id str
- The provider-assigned unique ID for this managed resource.
- rule_
arn str - updated_
at str
Supporting Types
AutomationRuleDateFilter, AutomationRuleDateFilterArgs
- Date
Range AutomationRule Date Range - End string
- Start string
- date
Range AutomationRule Date Range - end String
- start String
- date
Range AutomationRule Date Range - end string
- start string
- date
Range Property Map - end String
- start String
AutomationRuleDateRange, AutomationRuleDateRangeArgs
- Unit
Automation
Rule Date Range Unit - Value float64
AutomationRuleDateRangeUnit, AutomationRuleDateRangeUnitArgs
- Days
- DAYS
- Automation
Rule Date Range Unit Days - DAYS
- Days
- DAYS
- Days
- DAYS
- DAYS
- DAYS
- "DAYS"
- DAYS
AutomationRuleMapFilter, AutomationRuleMapFilterArgs
- Comparison
Automation
Rule Map Filter Comparison - Key string
- Value string
- comparison
Automation
Rule Map Filter Comparison - key String
- value String
- comparison
Automation
Rule Map Filter Comparison - key string
- value string
AutomationRuleMapFilterComparison, AutomationRuleMapFilterComparisonArgs
- Equals
Value - EQUALS
- Not
Equals - NOT_EQUALS
- Contains
- CONTAINS
- Not
Contains - NOT_CONTAINS
- Automation
Rule Map Filter Comparison Equals - EQUALS
- Automation
Rule Map Filter Comparison Not Equals - NOT_EQUALS
- Automation
Rule Map Filter Comparison Contains - CONTAINS
- Automation
Rule Map Filter Comparison Not Contains - NOT_CONTAINS
- Equals
- EQUALS
- Not
Equals - NOT_EQUALS
- Contains
- CONTAINS
- Not
Contains - NOT_CONTAINS
- Equals
- EQUALS
- Not
Equals - NOT_EQUALS
- Contains
- CONTAINS
- Not
Contains - NOT_CONTAINS
- EQUALS
- EQUALS
- NOT_EQUALS
- NOT_EQUALS
- CONTAINS
- CONTAINS
- NOT_CONTAINS
- NOT_CONTAINS
- "EQUALS"
- EQUALS
- "NOT_EQUALS"
- NOT_EQUALS
- "CONTAINS"
- CONTAINS
- "NOT_CONTAINS"
- NOT_CONTAINS
AutomationRuleNoteUpdate, AutomationRuleNoteUpdateArgs
- text str
- updated_
by str
AutomationRuleNumberFilter, AutomationRuleNumberFilterArgs
AutomationRuleRelatedFinding, AutomationRuleRelatedFindingArgs
- Id string
- Product
Arn string - The Amazon Resource Name (ARN) for the product that generated a related finding.
- Id string
- Product
Arn string - The Amazon Resource Name (ARN) for the product that generated a related finding.
- id String
- product
Arn String - The Amazon Resource Name (ARN) for the product that generated a related finding.
- id string
- product
Arn string - The Amazon Resource Name (ARN) for the product that generated a related finding.
- id str
- product_
arn str - The Amazon Resource Name (ARN) for the product that generated a related finding.
- id String
- product
Arn String - The Amazon Resource Name (ARN) for the product that generated a related finding.
AutomationRuleRuleStatus, AutomationRuleRuleStatusArgs
- Enabled
- ENABLED
- Disabled
- DISABLED
- Automation
Rule Rule Status Enabled - ENABLED
- Automation
Rule Rule Status Disabled - DISABLED
- Enabled
- ENABLED
- Disabled
- DISABLED
- Enabled
- ENABLED
- Disabled
- DISABLED
- ENABLED
- ENABLED
- DISABLED
- DISABLED
- "ENABLED"
- ENABLED
- "DISABLED"
- DISABLED
AutomationRuleSeverityUpdate, AutomationRuleSeverityUpdateArgs
- label
Automation
Rule Severity Update Label - normalized Integer
- product Double
- label
Automation
Rule Severity Update Label - normalized number
- product number
AutomationRuleSeverityUpdateLabel, AutomationRuleSeverityUpdateLabelArgs
- Informational
- INFORMATIONAL
- Low
- LOW
- Medium
- MEDIUM
- High
- HIGH
- Critical
- CRITICAL
- Automation
Rule Severity Update Label Informational - INFORMATIONAL
- Automation
Rule Severity Update Label Low - LOW
- Automation
Rule Severity Update Label Medium - MEDIUM
- Automation
Rule Severity Update Label High - HIGH
- Automation
Rule Severity Update Label Critical - CRITICAL
- Informational
- INFORMATIONAL
- Low
- LOW
- Medium
- MEDIUM
- High
- HIGH
- Critical
- CRITICAL
- Informational
- INFORMATIONAL
- Low
- LOW
- Medium
- MEDIUM
- High
- HIGH
- Critical
- CRITICAL
- INFORMATIONAL
- INFORMATIONAL
- LOW
- LOW
- MEDIUM
- MEDIUM
- HIGH
- HIGH
- CRITICAL
- CRITICAL
- "INFORMATIONAL"
- INFORMATIONAL
- "LOW"
- LOW
- "MEDIUM"
- MEDIUM
- "HIGH"
- HIGH
- "CRITICAL"
- CRITICAL
AutomationRuleStringFilter, AutomationRuleStringFilterArgs
AutomationRuleStringFilterComparison, AutomationRuleStringFilterComparisonArgs
- Equals
Value - EQUALS
- Prefix
- PREFIX
- Not
Equals - NOT_EQUALS
- Prefix
Not Equals - PREFIX_NOT_EQUALS
- Contains
- CONTAINS
- Not
Contains - NOT_CONTAINS
- Automation
Rule String Filter Comparison Equals - EQUALS
- Automation
Rule String Filter Comparison Prefix - PREFIX
- Automation
Rule String Filter Comparison Not Equals - NOT_EQUALS
- Automation
Rule String Filter Comparison Prefix Not Equals - PREFIX_NOT_EQUALS
- Automation
Rule String Filter Comparison Contains - CONTAINS
- Automation
Rule String Filter Comparison Not Contains - NOT_CONTAINS
- Equals
- EQUALS
- Prefix
- PREFIX
- Not
Equals - NOT_EQUALS
- Prefix
Not Equals - PREFIX_NOT_EQUALS
- Contains
- CONTAINS
- Not
Contains - NOT_CONTAINS
- Equals
- EQUALS
- Prefix
- PREFIX
- Not
Equals - NOT_EQUALS
- Prefix
Not Equals - PREFIX_NOT_EQUALS
- Contains
- CONTAINS
- Not
Contains - NOT_CONTAINS
- EQUALS
- EQUALS
- PREFIX
- PREFIX
- NOT_EQUALS
- NOT_EQUALS
- PREFIX_NOT_EQUALS
- PREFIX_NOT_EQUALS
- CONTAINS
- CONTAINS
- NOT_CONTAINS
- NOT_CONTAINS
- "EQUALS"
- EQUALS
- "PREFIX"
- PREFIX
- "NOT_EQUALS"
- NOT_EQUALS
- "PREFIX_NOT_EQUALS"
- PREFIX_NOT_EQUALS
- "CONTAINS"
- CONTAINS
- "NOT_CONTAINS"
- NOT_CONTAINS
AutomationRuleWorkflowUpdate, AutomationRuleWorkflowUpdateArgs
AutomationRuleWorkflowUpdateStatus, AutomationRuleWorkflowUpdateStatusArgs
- New
- NEW
- Notified
- NOTIFIED
- Resolved
- RESOLVED
- Suppressed
- SUPPRESSED
- Automation
Rule Workflow Update Status New - NEW
- Automation
Rule Workflow Update Status Notified - NOTIFIED
- Automation
Rule Workflow Update Status Resolved - RESOLVED
- Automation
Rule Workflow Update Status Suppressed - SUPPRESSED
- New
- NEW
- Notified
- NOTIFIED
- Resolved
- RESOLVED
- Suppressed
- SUPPRESSED
- New
- NEW
- Notified
- NOTIFIED
- Resolved
- RESOLVED
- Suppressed
- SUPPRESSED
- NEW
- NEW
- NOTIFIED
- NOTIFIED
- RESOLVED
- RESOLVED
- SUPPRESSED
- SUPPRESSED
- "NEW"
- NEW
- "NOTIFIED"
- NOTIFIED
- "RESOLVED"
- RESOLVED
- "SUPPRESSED"
- SUPPRESSED
AutomationRulesAction, AutomationRulesActionArgs
AutomationRulesActionType, AutomationRulesActionTypeArgs
- Finding
Fields Update - FINDING_FIELDS_UPDATE
- Automation
Rules Action Type Finding Fields Update - FINDING_FIELDS_UPDATE
- Finding
Fields Update - FINDING_FIELDS_UPDATE
- Finding
Fields Update - FINDING_FIELDS_UPDATE
- FINDING_FIELDS_UPDATE
- FINDING_FIELDS_UPDATE
- "FINDING_FIELDS_UPDATE"
- FINDING_FIELDS_UPDATE
AutomationRulesFindingFieldsUpdate, AutomationRulesFindingFieldsUpdateArgs
- Confidence int
- Criticality int
- Note
Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule Note Update - The rule action will update the
Note
field of a finding. - List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule Related Finding> - The rule action will update the
RelatedFindings
field of a finding. - Severity
Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule Severity Update - The rule action will update the
Severity
field of a finding. - Types List<string>
- User
Defined Dictionary<string, string>Fields - Verification
State Pulumi.Aws Native. Security Hub. Automation Rules Finding Fields Update Verification State - Workflow
Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule Workflow Update - The rule action will update the
Workflow
field of a finding.
- Confidence int
- Criticality int
- Note
Automation
Rule Note Update - The rule action will update the
Note
field of a finding. - []Automation
Rule Related Finding - The rule action will update the
RelatedFindings
field of a finding. - Severity
Automation
Rule Severity Update - The rule action will update the
Severity
field of a finding. - Types []string
- User
Defined map[string]stringFields - Verification
State AutomationRules Finding Fields Update Verification State - Workflow
Automation
Rule Workflow Update - The rule action will update the
Workflow
field of a finding.
- confidence Integer
- criticality Integer
- note
Automation
Rule Note Update - The rule action will update the
Note
field of a finding. - List<Automation
Rule Related Finding> - The rule action will update the
RelatedFindings
field of a finding. - severity
Automation
Rule Severity Update - The rule action will update the
Severity
field of a finding. - types List<String>
- user
Defined Map<String,String>Fields - verification
State AutomationRules Finding Fields Update Verification State - workflow
Automation
Rule Workflow Update - The rule action will update the
Workflow
field of a finding.
- confidence number
- criticality number
- note
Automation
Rule Note Update - The rule action will update the
Note
field of a finding. - Automation
Rule Related Finding[] - The rule action will update the
RelatedFindings
field of a finding. - severity
Automation
Rule Severity Update - The rule action will update the
Severity
field of a finding. - types string[]
- user
Defined {[key: string]: string}Fields - verification
State AutomationRules Finding Fields Update Verification State - workflow
Automation
Rule Workflow Update - The rule action will update the
Workflow
field of a finding.
- confidence int
- criticality int
- note
Automation
Rule Note Update - The rule action will update the
Note
field of a finding. - Sequence[Automation
Rule Related Finding] - The rule action will update the
RelatedFindings
field of a finding. - severity
Automation
Rule Severity Update - The rule action will update the
Severity
field of a finding. - types Sequence[str]
- user_
defined_ Mapping[str, str]fields - verification_
state AutomationRules Finding Fields Update Verification State - workflow
Automation
Rule Workflow Update - The rule action will update the
Workflow
field of a finding.
- confidence Number
- criticality Number
- note Property Map
- The rule action will update the
Note
field of a finding. - List<Property Map>
- The rule action will update the
RelatedFindings
field of a finding. - severity Property Map
- The rule action will update the
Severity
field of a finding. - types List<String>
- user
Defined Map<String>Fields - verification
State "UNKNOWN" | "TRUE_POSITIVE" | "FALSE_POSITIVE" | "BENIGN_POSITIVE" - workflow Property Map
- The rule action will update the
Workflow
field of a finding.
AutomationRulesFindingFieldsUpdateVerificationState, AutomationRulesFindingFieldsUpdateVerificationStateArgs
- Unknown
- UNKNOWN
- True
Positive - TRUE_POSITIVE
- False
Positive - FALSE_POSITIVE
- Benign
Positive - BENIGN_POSITIVE
- Automation
Rules Finding Fields Update Verification State Unknown - UNKNOWN
- Automation
Rules Finding Fields Update Verification State True Positive - TRUE_POSITIVE
- Automation
Rules Finding Fields Update Verification State False Positive - FALSE_POSITIVE
- Automation
Rules Finding Fields Update Verification State Benign Positive - BENIGN_POSITIVE
- Unknown
- UNKNOWN
- True
Positive - TRUE_POSITIVE
- False
Positive - FALSE_POSITIVE
- Benign
Positive - BENIGN_POSITIVE
- Unknown
- UNKNOWN
- True
Positive - TRUE_POSITIVE
- False
Positive - FALSE_POSITIVE
- Benign
Positive - BENIGN_POSITIVE
- UNKNOWN
- UNKNOWN
- TRUE_POSITIVE
- TRUE_POSITIVE
- FALSE_POSITIVE
- FALSE_POSITIVE
- BENIGN_POSITIVE
- BENIGN_POSITIVE
- "UNKNOWN"
- UNKNOWN
- "TRUE_POSITIVE"
- TRUE_POSITIVE
- "FALSE_POSITIVE"
- FALSE_POSITIVE
- "BENIGN_POSITIVE"
- BENIGN_POSITIVE
AutomationRulesFindingFilters, AutomationRulesFindingFiltersArgs
- Aws
Account List<Pulumi.Id Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Company
Name List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Compliance
Associated List<Pulumi.Standards Id Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Compliance
Security List<Pulumi.Control Id Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Compliance
Status List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Confidence
List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule Number Filter> - Created
At List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule Date Filter> - Criticality
List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule Number Filter> - Description
List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule String Filter> - First
Observed List<Pulumi.At Aws Native. Security Hub. Inputs. Automation Rule Date Filter> - Generator
Id List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Id
List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Last
Observed List<Pulumi.At Aws Native. Security Hub. Inputs. Automation Rule Date Filter> - Note
Text List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Note
Updated List<Pulumi.At Aws Native. Security Hub. Inputs. Automation Rule Date Filter> - Note
Updated List<Pulumi.By Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Product
Arn List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Product
Name List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Record
State List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule String Filter> - List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Resource
Details List<Pulumi.Other Aws Native. Security Hub. Inputs. Automation Rule Map Filter> - Resource
Id List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Resource
Partition List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Resource
Region List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule Map Filter> - Resource
Type List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Severity
Label List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Source
Url List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Title
List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Type
List<Pulumi.
Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Updated
At List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule Date Filter> - User
Defined List<Pulumi.Fields Aws Native. Security Hub. Inputs. Automation Rule Map Filter> - Verification
State List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter> - Workflow
Status List<Pulumi.Aws Native. Security Hub. Inputs. Automation Rule String Filter>
- Aws
Account []AutomationId Rule String Filter - Company
Name []AutomationRule String Filter - Compliance
Associated []AutomationStandards Id Rule String Filter - Compliance
Security []AutomationControl Id Rule String Filter - Compliance
Status []AutomationRule String Filter - Confidence
[]Automation
Rule Number Filter - Created
At []AutomationRule Date Filter - Criticality
[]Automation
Rule Number Filter - Description
[]Automation
Rule String Filter - First
Observed []AutomationAt Rule Date Filter - Generator
Id []AutomationRule String Filter - Id
[]Automation
Rule String Filter - Last
Observed []AutomationAt Rule Date Filter - Note
Text []AutomationRule String Filter - Note
Updated []AutomationAt Rule Date Filter - Note
Updated []AutomationBy Rule String Filter - Product
Arn []AutomationRule String Filter - Product
Name []AutomationRule String Filter - Record
State []AutomationRule String Filter - []Automation
Rule String Filter - []Automation
Rule String Filter - Resource
Details []AutomationOther Rule Map Filter - Resource
Id []AutomationRule String Filter - Resource
Partition []AutomationRule String Filter - Resource
Region []AutomationRule String Filter - []Automation
Rule Map Filter - Resource
Type []AutomationRule String Filter - Severity
Label []AutomationRule String Filter - Source
Url []AutomationRule String Filter - Title
[]Automation
Rule String Filter - Type
[]Automation
Rule String Filter - Updated
At []AutomationRule Date Filter - User
Defined []AutomationFields Rule Map Filter - Verification
State []AutomationRule String Filter - Workflow
Status []AutomationRule String Filter
- aws
Account List<AutomationId Rule String Filter> - company
Name List<AutomationRule String Filter> - compliance
Associated List<AutomationStandards Id Rule String Filter> - compliance
Security List<AutomationControl Id Rule String Filter> - compliance
Status List<AutomationRule String Filter> - confidence
List<Automation
Rule Number Filter> - created
At List<AutomationRule Date Filter> - criticality
List<Automation
Rule Number Filter> - description
List<Automation
Rule String Filter> - first
Observed List<AutomationAt Rule Date Filter> - generator
Id List<AutomationRule String Filter> - id
List<Automation
Rule String Filter> - last
Observed List<AutomationAt Rule Date Filter> - note
Text List<AutomationRule String Filter> - note
Updated List<AutomationAt Rule Date Filter> - note
Updated List<AutomationBy Rule String Filter> - product
Arn List<AutomationRule String Filter> - product
Name List<AutomationRule String Filter> - record
State List<AutomationRule String Filter> - List<Automation
Rule String Filter> - List<Automation
Rule String Filter> - resource
Details List<AutomationOther Rule Map Filter> - resource
Id List<AutomationRule String Filter> - resource
Partition List<AutomationRule String Filter> - resource
Region List<AutomationRule String Filter> - List<Automation
Rule Map Filter> - resource
Type List<AutomationRule String Filter> - severity
Label List<AutomationRule String Filter> - source
Url List<AutomationRule String Filter> - title
List<Automation
Rule String Filter> - type
List<Automation
Rule String Filter> - updated
At List<AutomationRule Date Filter> - user
Defined List<AutomationFields Rule Map Filter> - verification
State List<AutomationRule String Filter> - workflow
Status List<AutomationRule String Filter>
- aws
Account AutomationId Rule String Filter[] - company
Name AutomationRule String Filter[] - compliance
Associated AutomationStandards Id Rule String Filter[] - compliance
Security AutomationControl Id Rule String Filter[] - compliance
Status AutomationRule String Filter[] - confidence
Automation
Rule Number Filter[] - created
At AutomationRule Date Filter[] - criticality
Automation
Rule Number Filter[] - description
Automation
Rule String Filter[] - first
Observed AutomationAt Rule Date Filter[] - generator
Id AutomationRule String Filter[] - id
Automation
Rule String Filter[] - last
Observed AutomationAt Rule Date Filter[] - note
Text AutomationRule String Filter[] - note
Updated AutomationAt Rule Date Filter[] - note
Updated AutomationBy Rule String Filter[] - product
Arn AutomationRule String Filter[] - product
Name AutomationRule String Filter[] - record
State AutomationRule String Filter[] - Automation
Rule String Filter[] - Automation
Rule String Filter[] - resource
Details AutomationOther Rule Map Filter[] - resource
Id AutomationRule String Filter[] - resource
Partition AutomationRule String Filter[] - resource
Region AutomationRule String Filter[] - Automation
Rule Map Filter[] - resource
Type AutomationRule String Filter[] - severity
Label AutomationRule String Filter[] - source
Url AutomationRule String Filter[] - title
Automation
Rule String Filter[] - type
Automation
Rule String Filter[] - updated
At AutomationRule Date Filter[] - user
Defined AutomationFields Rule Map Filter[] - verification
State AutomationRule String Filter[] - workflow
Status AutomationRule String Filter[]
- aws_
account_ Sequence[Automationid Rule String Filter] - company_
name Sequence[AutomationRule String Filter] - compliance_
associated_ Sequence[Automationstandards_ id Rule String Filter] - compliance_
security_ Sequence[Automationcontrol_ id Rule String Filter] - compliance_
status Sequence[AutomationRule String Filter] - confidence
Sequence[Automation
Rule Number Filter] - created_
at Sequence[AutomationRule Date Filter] - criticality
Sequence[Automation
Rule Number Filter] - description
Sequence[Automation
Rule String Filter] - first_
observed_ Sequence[Automationat Rule Date Filter] - generator_
id Sequence[AutomationRule String Filter] - id
Sequence[Automation
Rule String Filter] - last_
observed_ Sequence[Automationat Rule Date Filter] - note_
text Sequence[AutomationRule String Filter] - note_
updated_ Sequence[Automationat Rule Date Filter] - note_
updated_ Sequence[Automationby Rule String Filter] - product_
arn Sequence[AutomationRule String Filter] - product_
name Sequence[AutomationRule String Filter] - record_
state Sequence[AutomationRule String Filter] - Sequence[Automation
Rule String Filter] - Sequence[Automation
Rule String Filter] - resource_
details_ Sequence[Automationother Rule Map Filter] - resource_
id Sequence[AutomationRule String Filter] - resource_
partition Sequence[AutomationRule String Filter] - resource_
region Sequence[AutomationRule String Filter] - Sequence[Automation
Rule Map Filter] - resource_
type Sequence[AutomationRule String Filter] - severity_
label Sequence[AutomationRule String Filter] - source_
url Sequence[AutomationRule String Filter] - title
Sequence[Automation
Rule String Filter] - type
Sequence[Automation
Rule String Filter] - updated_
at Sequence[AutomationRule Date Filter] - user_
defined_ Sequence[Automationfields Rule Map Filter] - verification_
state Sequence[AutomationRule String Filter] - workflow_
status Sequence[AutomationRule String Filter]
- aws
Account List<Property Map>Id - company
Name List<Property Map> - compliance
Associated List<Property Map>Standards Id - compliance
Security List<Property Map>Control Id - compliance
Status List<Property Map> - confidence List<Property Map>
- created
At List<Property Map> - criticality List<Property Map>
- description List<Property Map>
- first
Observed List<Property Map>At - generator
Id List<Property Map> - id List<Property Map>
- last
Observed List<Property Map>At - note
Text List<Property Map> - note
Updated List<Property Map>At - note
Updated List<Property Map>By - product
Arn List<Property Map> - product
Name List<Property Map> - record
State List<Property Map> - List<Property Map>
- List<Property Map>
- resource
Details List<Property Map>Other - resource
Id List<Property Map> - resource
Partition List<Property Map> - resource
Region List<Property Map> - List<Property Map>
- resource
Type List<Property Map> - severity
Label List<Property Map> - source
Url List<Property Map> - title List<Property Map>
- type List<Property Map>
- updated
At List<Property Map> - user
Defined List<Property Map>Fields - verification
State List<Property Map> - workflow
Status List<Property Map>
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
AWS Native is in preview. AWS Classic is fully supported.