aws-native.iot.SecurityProfile

AWS Cloud Control v1.54.0, Feb 16 26

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.54.0 published on Monday, Feb 16, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-aws-native

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.54.0 published on Monday, Feb 16, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-aws-native

Create SecurityProfile Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SecurityProfile(name: string, args?: SecurityProfileArgs, opts?: CustomResourceOptions);

@overload
def SecurityProfile(resource_name: str,
                    args: Optional[SecurityProfileArgs] = None,
                    opts: Optional[ResourceOptions] = None)

@overload
def SecurityProfile(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    additional_metrics_to_retain_v2: Optional[Sequence[SecurityProfileMetricToRetainArgs]] = None,
                    alert_targets: Optional[Mapping[str, SecurityProfileAlertTargetArgs]] = None,
                    behaviors: Optional[Sequence[SecurityProfileBehaviorArgs]] = None,
                    metrics_export_config: Optional[MetricsExportConfigPropertiesArgs] = None,
                    security_profile_description: Optional[str] = None,
                    security_profile_name: Optional[str] = None,
                    tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
                    target_arns: Optional[Sequence[str]] = None)

func NewSecurityProfile(ctx *Context, name string, args *SecurityProfileArgs, opts ...ResourceOption) (*SecurityProfile, error)

public SecurityProfile(string name, SecurityProfileArgs? args = null, CustomResourceOptions? opts = null)

public SecurityProfile(String name, SecurityProfileArgs args)
public SecurityProfile(String name, SecurityProfileArgs args, CustomResourceOptions options)

type: aws-native:iot:SecurityProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

SecurityProfile Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SecurityProfile resource accepts the following input properties:

AdditionalMetricsToRetainV2 List<Pulumi.AwsNative.IoT.Inputs.SecurityProfileMetricToRetain>: A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here.
AlertTargets Dictionary<string, Pulumi.AwsNative.IoT.Inputs.SecurityProfileAlertTargetArgs>: Specifies the destinations to which alerts are sent.
Behaviors List<Pulumi.AwsNative.IoT.Inputs.SecurityProfileBehavior>: Specifies the behaviors that, when violated by a device (thing), cause an alert.
MetricsExportConfig Pulumi.AwsNative.IoT.Inputs.MetricsExportConfigProperties: A structure containing the mqtt topic for metrics export.
SecurityProfileDescription string: A description of the security profile.
SecurityProfileName string: A unique identifier for the security profile.
Tags List<Pulumi.AwsNative.Inputs.Tag>: Metadata that can be used to manage the security profile.
TargetArns List<string>: A set of target ARNs that the security profile is attached to.

AdditionalMetricsToRetainV2 []SecurityProfileMetricToRetainArgs: A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here.
AlertTargets map[string]SecurityProfileAlertTargetArgs: Specifies the destinations to which alerts are sent.
Behaviors []SecurityProfileBehaviorArgs: Specifies the behaviors that, when violated by a device (thing), cause an alert.
MetricsExportConfig MetricsExportConfigPropertiesArgs: A structure containing the mqtt topic for metrics export.
SecurityProfileDescription string: A description of the security profile.
SecurityProfileName string: A unique identifier for the security profile.
Tags TagArgs: Metadata that can be used to manage the security profile.
TargetArns []string: A set of target ARNs that the security profile is attached to.

additionalMetricsToRetainV2 List<SecurityProfileMetricToRetain>: A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here.
alertTargets Map<String,SecurityProfileAlertTargetArgs>: Specifies the destinations to which alerts are sent.
behaviors List<SecurityProfileBehavior>: Specifies the behaviors that, when violated by a device (thing), cause an alert.
metricsExportConfig MetricsExportConfigProperties: A structure containing the mqtt topic for metrics export.
securityProfileDescription String: A description of the security profile.
securityProfileName String: A unique identifier for the security profile.
tags List<Tag>: Metadata that can be used to manage the security profile.
targetArns List<String>: A set of target ARNs that the security profile is attached to.

additionalMetricsToRetainV2 SecurityProfileMetricToRetain[]: A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here.
alertTargets {[key: string]: SecurityProfileAlertTargetArgs}: Specifies the destinations to which alerts are sent.
behaviors SecurityProfileBehavior[]: Specifies the behaviors that, when violated by a device (thing), cause an alert.
metricsExportConfig MetricsExportConfigProperties: A structure containing the mqtt topic for metrics export.
securityProfileDescription string: A description of the security profile.
securityProfileName string: A unique identifier for the security profile.
tags Tag[]: Metadata that can be used to manage the security profile.
targetArns string[]: A set of target ARNs that the security profile is attached to.

additional_metrics_to_retain_v2 Sequence[SecurityProfileMetricToRetainArgs]: A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here.
alert_targets Mapping[str, SecurityProfileAlertTargetArgs]: Specifies the destinations to which alerts are sent.
behaviors Sequence[SecurityProfileBehaviorArgs]: Specifies the behaviors that, when violated by a device (thing), cause an alert.
metrics_export_config MetricsExportConfigPropertiesArgs: A structure containing the mqtt topic for metrics export.
security_profile_description str: A description of the security profile.
security_profile_name str: A unique identifier for the security profile.
tags Sequence[TagArgs]: Metadata that can be used to manage the security profile.
target_arns Sequence[str]: A set of target ARNs that the security profile is attached to.

additionalMetricsToRetainV2 List<Property Map>: A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here.
alertTargets Map<Property Map>: Specifies the destinations to which alerts are sent.
behaviors List<Property Map>: Specifies the behaviors that, when violated by a device (thing), cause an alert.
metricsExportConfig Property Map: A structure containing the mqtt topic for metrics export.
securityProfileDescription String: A description of the security profile.
securityProfileName String: A unique identifier for the security profile.
tags List<Property Map>: Metadata that can be used to manage the security profile.
targetArns List<String>: A set of target ARNs that the security profile is attached to.

Outputs

All input properties are implicitly available as output properties. Additionally, the SecurityProfile resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
SecurityProfileArn string: The ARN (Amazon resource name) of the created security profile.

Id string: The provider-assigned unique ID for this managed resource.
SecurityProfileArn string: The ARN (Amazon resource name) of the created security profile.

id String: The provider-assigned unique ID for this managed resource.
securityProfileArn String: The ARN (Amazon resource name) of the created security profile.

id string: The provider-assigned unique ID for this managed resource.
securityProfileArn string: The ARN (Amazon resource name) of the created security profile.

id str: The provider-assigned unique ID for this managed resource.
security_profile_arn str: The ARN (Amazon resource name) of the created security profile.

id String: The provider-assigned unique ID for this managed resource.
securityProfileArn String: The ARN (Amazon resource name) of the created security profile.

Supporting Types

MetricsExportConfigProperties, MetricsExportConfigPropertiesArgs

A structure containing the mqtt topic for metrics export.

MqttTopic string: The topic for metrics export.
RoleArn string: The ARN of the role that grants permission to publish to mqtt topic.

MqttTopic string: The topic for metrics export.
RoleArn string: The ARN of the role that grants permission to publish to mqtt topic.

mqttTopic String: The topic for metrics export.
roleArn String: The ARN of the role that grants permission to publish to mqtt topic.

mqttTopic string: The topic for metrics export.
roleArn string: The ARN of the role that grants permission to publish to mqtt topic.

mqtt_topic str: The topic for metrics export.
role_arn str: The ARN of the role that grants permission to publish to mqtt topic.

mqttTopic String: The topic for metrics export.
roleArn String: The ARN of the role that grants permission to publish to mqtt topic.

SecurityProfileAlertTarget, SecurityProfileAlertTargetArgs

A structure containing the alert target ARN and the role ARN.

AlertTargetArn string: The ARN of the notification target to which alerts are sent.
RoleArn string: The ARN of the role that grants permission to send alerts to the notification target.

AlertTargetArn string: The ARN of the notification target to which alerts are sent.
RoleArn string: The ARN of the role that grants permission to send alerts to the notification target.

alertTargetArn String: The ARN of the notification target to which alerts are sent.
roleArn String: The ARN of the role that grants permission to send alerts to the notification target.

alertTargetArn string: The ARN of the notification target to which alerts are sent.
roleArn string: The ARN of the role that grants permission to send alerts to the notification target.

alert_target_arn str: The ARN of the notification target to which alerts are sent.
role_arn str: The ARN of the role that grants permission to send alerts to the notification target.

alertTargetArn String: The ARN of the notification target to which alerts are sent.
roleArn String: The ARN of the role that grants permission to send alerts to the notification target.

SecurityProfileBehavior, SecurityProfileBehaviorArgs

A security profile behavior.

Name string: The name for the behavior.
Criteria Pulumi.AwsNative.IoT.Inputs.SecurityProfileBehaviorCriteria: The criteria that determine if a device is behaving normally in regard to the metric .
In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.
ExportMetric bool: Value indicates exporting metrics related to the behavior when it is true.
Metric string: What is measured by the behavior.
MetricDimension Pulumi.AwsNative.IoT.Inputs.SecurityProfileMetricDimension: The dimension of the metric.
SuppressAlerts bool: Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.

Name string: The name for the behavior.
Criteria SecurityProfileBehaviorCriteria: The criteria that determine if a device is behaving normally in regard to the metric .
In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.
ExportMetric bool: Value indicates exporting metrics related to the behavior when it is true.
Metric string: What is measured by the behavior.
MetricDimension SecurityProfileMetricDimension: The dimension of the metric.
SuppressAlerts bool: Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.

name String: The name for the behavior.
criteria SecurityProfileBehaviorCriteria: The criteria that determine if a device is behaving normally in regard to the metric .
In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.
exportMetric Boolean: Value indicates exporting metrics related to the behavior when it is true.
metric String: What is measured by the behavior.
metricDimension SecurityProfileMetricDimension: The dimension of the metric.
suppressAlerts Boolean: Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.

name string: The name for the behavior.
criteria SecurityProfileBehaviorCriteria: The criteria that determine if a device is behaving normally in regard to the metric .
In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.
exportMetric boolean: Value indicates exporting metrics related to the behavior when it is true.
metric string: What is measured by the behavior.
metricDimension SecurityProfileMetricDimension: The dimension of the metric.
suppressAlerts boolean: Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.

name str: The name for the behavior.
criteria SecurityProfileBehaviorCriteria: The criteria that determine if a device is behaving normally in regard to the metric .
In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.
export_metric bool: Value indicates exporting metrics related to the behavior when it is true.
metric str: What is measured by the behavior.
metric_dimension SecurityProfileMetricDimension: The dimension of the metric.
suppress_alerts bool: Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.

name String: The name for the behavior.
criteria Property Map: The criteria that determine if a device is behaving normally in regard to the metric .
In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.
exportMetric Boolean: Value indicates exporting metrics related to the behavior when it is true.
metric String: What is measured by the behavior.
metricDimension Property Map: The dimension of the metric.
suppressAlerts Boolean: Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.

SecurityProfileBehaviorCriteria, SecurityProfileBehaviorCriteriaArgs

The criteria by which the behavior is determined to be normal.

ComparisonOperator Pulumi.AwsNative.IoT.SecurityProfileBehaviorCriteriaComparisonOperator: The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold).
ConsecutiveDatapointsToAlarm int: If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.
ConsecutiveDatapointsToClear int: If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.
DurationSeconds int: Use this to specify the time duration over which the behavior is evaluated.
MlDetectionConfig Pulumi.AwsNative.IoT.Inputs.SecurityProfileMachineLearningDetectionConfig: The confidence level of the detection model.
StatisticalThreshold Pulumi.AwsNative.IoT.Inputs.SecurityProfileStatisticalThreshold: A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
Value Pulumi.AwsNative.IoT.Inputs.SecurityProfileMetricValue: The value to be compared with the metric .

ComparisonOperator SecurityProfileBehaviorCriteriaComparisonOperator: The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold).
ConsecutiveDatapointsToAlarm int: If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.
ConsecutiveDatapointsToClear int: If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.
DurationSeconds int: Use this to specify the time duration over which the behavior is evaluated.
MlDetectionConfig SecurityProfileMachineLearningDetectionConfig: The confidence level of the detection model.
StatisticalThreshold SecurityProfileStatisticalThreshold: A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
Value SecurityProfileMetricValue: The value to be compared with the metric .

comparisonOperator SecurityProfileBehaviorCriteriaComparisonOperator: The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold).
consecutiveDatapointsToAlarm Integer: If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.
consecutiveDatapointsToClear Integer: If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.
durationSeconds Integer: Use this to specify the time duration over which the behavior is evaluated.
mlDetectionConfig SecurityProfileMachineLearningDetectionConfig: The confidence level of the detection model.
statisticalThreshold SecurityProfileStatisticalThreshold: A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
value SecurityProfileMetricValue: The value to be compared with the metric .

comparisonOperator SecurityProfileBehaviorCriteriaComparisonOperator: The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold).
consecutiveDatapointsToAlarm number: If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.
consecutiveDatapointsToClear number: If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.
durationSeconds number: Use this to specify the time duration over which the behavior is evaluated.
mlDetectionConfig SecurityProfileMachineLearningDetectionConfig: The confidence level of the detection model.
statisticalThreshold SecurityProfileStatisticalThreshold: A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
value SecurityProfileMetricValue: The value to be compared with the metric .

comparison_operator SecurityProfileBehaviorCriteriaComparisonOperator: The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold).
consecutive_datapoints_to_alarm int: If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.
consecutive_datapoints_to_clear int: If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.
duration_seconds int: Use this to specify the time duration over which the behavior is evaluated.
ml_detection_config SecurityProfileMachineLearningDetectionConfig: The confidence level of the detection model.
statistical_threshold SecurityProfileStatisticalThreshold: A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
value SecurityProfileMetricValue: The value to be compared with the metric .

comparisonOperator "less-than" | "less-than-equals" | "greater-than" | "greater-than-equals" | "in-cidr-set" | "not-in-cidr-set" | "in-port-set" | "not-in-port-set" | "in-set" | "not-in-set": The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold).
consecutiveDatapointsToAlarm Number: If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.
consecutiveDatapointsToClear Number: If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.
durationSeconds Number: Use this to specify the time duration over which the behavior is evaluated.
mlDetectionConfig Property Map: The confidence level of the detection model.
statisticalThreshold Property Map: A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
value Property Map: The value to be compared with the metric .

SecurityProfileBehaviorCriteriaComparisonOperator, SecurityProfileBehaviorCriteriaComparisonOperatorArgs

LessThan: less-than
LessThanEquals: less-than-equals
GreaterThan: greater-than
GreaterThanEquals: greater-than-equals
InCidrSet: in-cidr-set
NotInCidrSet: not-in-cidr-set
InPortSet: in-port-set
NotInPortSet: not-in-port-set
InSet: in-set
NotInSet: not-in-set

SecurityProfileBehaviorCriteriaComparisonOperatorLessThan: less-than
SecurityProfileBehaviorCriteriaComparisonOperatorLessThanEquals: less-than-equals
SecurityProfileBehaviorCriteriaComparisonOperatorGreaterThan: greater-than
SecurityProfileBehaviorCriteriaComparisonOperatorGreaterThanEquals: greater-than-equals
SecurityProfileBehaviorCriteriaComparisonOperatorInCidrSet: in-cidr-set
SecurityProfileBehaviorCriteriaComparisonOperatorNotInCidrSet: not-in-cidr-set
SecurityProfileBehaviorCriteriaComparisonOperatorInPortSet: in-port-set
SecurityProfileBehaviorCriteriaComparisonOperatorNotInPortSet: not-in-port-set
SecurityProfileBehaviorCriteriaComparisonOperatorInSet: in-set
SecurityProfileBehaviorCriteriaComparisonOperatorNotInSet: not-in-set

LessThan: less-than
LessThanEquals: less-than-equals
GreaterThan: greater-than
GreaterThanEquals: greater-than-equals
InCidrSet: in-cidr-set
NotInCidrSet: not-in-cidr-set
InPortSet: in-port-set
NotInPortSet: not-in-port-set
InSet: in-set
NotInSet: not-in-set

LessThan: less-than
LessThanEquals: less-than-equals
GreaterThan: greater-than
GreaterThanEquals: greater-than-equals
InCidrSet: in-cidr-set
NotInCidrSet: not-in-cidr-set
InPortSet: in-port-set
NotInPortSet: not-in-port-set
InSet: in-set
NotInSet: not-in-set

LESS_THAN: less-than
LESS_THAN_EQUALS: less-than-equals
GREATER_THAN: greater-than
GREATER_THAN_EQUALS: greater-than-equals
IN_CIDR_SET: in-cidr-set
NOT_IN_CIDR_SET: not-in-cidr-set
IN_PORT_SET: in-port-set
NOT_IN_PORT_SET: not-in-port-set
IN_SET: in-set
NOT_IN_SET: not-in-set

"less-than": less-than
"less-than-equals": less-than-equals
"greater-than": greater-than
"greater-than-equals": greater-than-equals
"in-cidr-set": in-cidr-set
"not-in-cidr-set": not-in-cidr-set
"in-port-set": in-port-set
"not-in-port-set": not-in-port-set
"in-set": in-set
"not-in-set": not-in-set

SecurityProfileMachineLearningDetectionConfig, SecurityProfileMachineLearningDetectionConfigArgs

The configuration of an ML Detect Security Profile.

ConfidenceLevel Pulumi.AwsNative.IoT.SecurityProfileMachineLearningDetectionConfigConfidenceLevel: The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High.

ConfidenceLevel SecurityProfileMachineLearningDetectionConfigConfidenceLevel: The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High.

confidenceLevel SecurityProfileMachineLearningDetectionConfigConfidenceLevel: The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High.

confidenceLevel SecurityProfileMachineLearningDetectionConfigConfidenceLevel: The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High.

confidence_level SecurityProfileMachineLearningDetectionConfigConfidenceLevel: The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High.

confidenceLevel "LOW" | "MEDIUM" | "HIGH": The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High.

SecurityProfileMachineLearningDetectionConfigConfidenceLevel, SecurityProfileMachineLearningDetectionConfigConfidenceLevelArgs

Low: LOW
Medium: MEDIUM
High: HIGH

SecurityProfileMachineLearningDetectionConfigConfidenceLevelLow: LOW
SecurityProfileMachineLearningDetectionConfigConfidenceLevelMedium: MEDIUM
SecurityProfileMachineLearningDetectionConfigConfidenceLevelHigh: HIGH

Low: LOW
Medium: MEDIUM
High: HIGH

Low: LOW
Medium: MEDIUM
High: HIGH

LOW: LOW
MEDIUM: MEDIUM
HIGH: HIGH

"LOW": LOW
"MEDIUM": MEDIUM
"HIGH": HIGH

SecurityProfileMetricDimension, SecurityProfileMetricDimensionArgs

The dimension of a metric.

DimensionName string: A unique identifier for the dimension.
Operator Pulumi.AwsNative.IoT.SecurityProfileMetricDimensionOperator: Defines how the dimensionValues of a dimension are interpreted.

DimensionName string: A unique identifier for the dimension.
Operator SecurityProfileMetricDimensionOperator: Defines how the dimensionValues of a dimension are interpreted.

dimensionName String: A unique identifier for the dimension.
operator SecurityProfileMetricDimensionOperator: Defines how the dimensionValues of a dimension are interpreted.

dimensionName string: A unique identifier for the dimension.
operator SecurityProfileMetricDimensionOperator: Defines how the dimensionValues of a dimension are interpreted.

dimension_name str: A unique identifier for the dimension.
operator SecurityProfileMetricDimensionOperator: Defines how the dimensionValues of a dimension are interpreted.

dimensionName String: A unique identifier for the dimension.
operator "IN" | "NOT_IN": Defines how the dimensionValues of a dimension are interpreted.

SecurityProfileMetricDimensionOperator, SecurityProfileMetricDimensionOperatorArgs

In: IN
NotIn: NOT_IN

SecurityProfileMetricDimensionOperatorIn: IN
SecurityProfileMetricDimensionOperatorNotIn: NOT_IN

In: IN
NotIn: NOT_IN

In: IN
NotIn: NOT_IN

IN_: IN
NOT_IN: NOT_IN

"IN": IN
"NOT_IN": NOT_IN

SecurityProfileMetricToRetain, SecurityProfileMetricToRetainArgs

The metric you want to retain. Dimensions are optional.

Metric string: What is measured by the behavior.
ExportMetric bool: The value indicates exporting metrics related to the MetricToRetain when it's true.
MetricDimension Pulumi.AwsNative.IoT.Inputs.SecurityProfileMetricDimension: The dimension of the metric.

Metric string: What is measured by the behavior.
ExportMetric bool: The value indicates exporting metrics related to the MetricToRetain when it's true.
MetricDimension SecurityProfileMetricDimension: The dimension of the metric.

metric String: What is measured by the behavior.
exportMetric Boolean: The value indicates exporting metrics related to the MetricToRetain when it's true.
metricDimension SecurityProfileMetricDimension: The dimension of the metric.

metric string: What is measured by the behavior.
exportMetric boolean: The value indicates exporting metrics related to the MetricToRetain when it's true.
metricDimension SecurityProfileMetricDimension: The dimension of the metric.

metric str: What is measured by the behavior.
export_metric bool: The value indicates exporting metrics related to the MetricToRetain when it's true.
metric_dimension SecurityProfileMetricDimension: The dimension of the metric.

metric String: What is measured by the behavior.
exportMetric Boolean: The value indicates exporting metrics related to the MetricToRetain when it's true.
metricDimension Property Map: The dimension of the metric.

SecurityProfileMetricValue, SecurityProfileMetricValueArgs

The value to be compared with the metric.

Cidrs List<string>: If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric.
Count string: If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric.
Number double: The numeral value of a metric.
Numbers List<double>: The numeral values of a metric.
Ports List<int>: If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric.
Strings List<string>: The string values of a metric.

Cidrs []string: If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric.
Count string: If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric.
Number float64: The numeral value of a metric.
Numbers []float64: The numeral values of a metric.
Ports []int: If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric.
Strings []string: The string values of a metric.

cidrs List<String>: If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric.
count String: If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric.
number Double: The numeral value of a metric.
numbers List<Double>: The numeral values of a metric.
ports List<Integer>: If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric.
strings List<String>: The string values of a metric.

cidrs string[]: If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric.
count string: If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric.
number number: The numeral value of a metric.
numbers number[]: The numeral values of a metric.
ports number[]: If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric.
strings string[]: The string values of a metric.

cidrs Sequence[str]: If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric.
count str: If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric.
number float: The numeral value of a metric.
numbers Sequence[float]: The numeral values of a metric.
ports Sequence[int]: If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric.
strings Sequence[str]: The string values of a metric.

cidrs List<String>: If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric.
count String: If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric.
number Number: The numeral value of a metric.
numbers List<Number>: The numeral values of a metric.
ports List<Number>: If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric.
strings List<String>: The string values of a metric.

SecurityProfileStatisticalThreshold, SecurityProfileStatisticalThresholdArgs

A statistical ranking (percentile) which indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.

Statistic Pulumi.AwsNative.IoT.SecurityProfileStatisticalThresholdStatistic: The percentile which resolves to a threshold value by which compliance with a behavior is determined

Statistic SecurityProfileStatisticalThresholdStatistic: The percentile which resolves to a threshold value by which compliance with a behavior is determined

statistic SecurityProfileStatisticalThresholdStatistic: The percentile which resolves to a threshold value by which compliance with a behavior is determined

statistic SecurityProfileStatisticalThresholdStatistic: The percentile which resolves to a threshold value by which compliance with a behavior is determined

statistic SecurityProfileStatisticalThresholdStatistic: The percentile which resolves to a threshold value by which compliance with a behavior is determined

statistic "Average" | "p0" | "p0.1" | "p0.01" | "p1" | "p10" | "p50" | "p90" | "p99" | "p99.9" | "p99.99" | "p100": The percentile which resolves to a threshold value by which compliance with a behavior is determined

SecurityProfileStatisticalThresholdStatistic, SecurityProfileStatisticalThresholdStatisticArgs

Average: Average
P0: p0
P01: p0.1
P001: p0.01
P1: p1
P10: p10
P50: p50
P90: p90
P99: p99
P999: p99.9
P9999: p99.99
P100: p100

SecurityProfileStatisticalThresholdStatisticAverage: Average
SecurityProfileStatisticalThresholdStatisticP0: p0
SecurityProfileStatisticalThresholdStatisticP01: p0.1
SecurityProfileStatisticalThresholdStatisticP001: p0.01
SecurityProfileStatisticalThresholdStatisticP1: p1
SecurityProfileStatisticalThresholdStatisticP10: p10
SecurityProfileStatisticalThresholdStatisticP50: p50
SecurityProfileStatisticalThresholdStatisticP90: p90
SecurityProfileStatisticalThresholdStatisticP99: p99
SecurityProfileStatisticalThresholdStatisticP999: p99.9
SecurityProfileStatisticalThresholdStatisticP9999: p99.99
SecurityProfileStatisticalThresholdStatisticP100: p100

Average: Average
P0: p0
P01: p0.1
P001: p0.01
P1: p1
P10: p10
P50: p50
P90: p90
P99: p99
P999: p99.9
P9999: p99.99
P100: p100

Average: Average
P0: p0
P01: p0.1
P001: p0.01
P1: p1
P10: p10
P50: p50
P90: p90
P99: p99
P999: p99.9
P9999: p99.99
P100: p100

AVERAGE: Average
P0: p0
P01: p0.1
P001: p0.01
P1: p1
P10: p10
P50: p50
P90: p90
P99: p99
P999: p99.9
P9999: p99.99
P100: p100

"Average": Average
"p0": p0
"p0.1": p0.1
"p0.01": p0.01
"p1": p1
"p10": p10
"p50": p50
"p90": p90
"p99": p99
"p99.9": p99.9
"p99.99": p99.99
"p100": p100

Tag, TagArgs

A set of tags to apply to the resource.

Key string: The key name of the tag
Value string: The value of the tag

Key string: The key name of the tag
Value string: The value of the tag

key String: The key name of the tag
value String: The value of the tag

key string: The key name of the tag
value string: The value of the tag

key str: The key name of the tag
value str: The value of the tag

key String: The key name of the tag
value String: The value of the tag

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.54.0 published on Monday, Feb 16, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-aws-native

aws-native.iot.SecurityProfile

On this page

On this page

Create SecurityProfile Resource

Constructor syntax

Parameters

SecurityProfile Resource Properties

Inputs

Outputs

Supporting Types

MetricsExportConfigProperties, MetricsExportConfigPropertiesArgs

SecurityProfileAlertTarget, SecurityProfileAlertTargetArgs

SecurityProfileBehavior, SecurityProfileBehaviorArgs

SecurityProfileBehaviorCriteria, SecurityProfileBehaviorCriteriaArgs

SecurityProfileBehaviorCriteriaComparisonOperator, SecurityProfileBehaviorCriteriaComparisonOperatorArgs

SecurityProfileMachineLearningDetectionConfig, SecurityProfileMachineLearningDetectionConfigArgs

SecurityProfileMachineLearningDetectionConfigConfidenceLevel, SecurityProfileMachineLearningDetectionConfigConfidenceLevelArgs

SecurityProfileMetricDimension, SecurityProfileMetricDimensionArgs

SecurityProfileMetricDimensionOperator, SecurityProfileMetricDimensionOperatorArgs

SecurityProfileMetricToRetain, SecurityProfileMetricToRetainArgs

SecurityProfileMetricValue, SecurityProfileMetricValueArgs

SecurityProfileStatisticalThreshold, SecurityProfileStatisticalThresholdArgs

SecurityProfileStatisticalThresholdStatistic, SecurityProfileStatisticalThresholdStatisticArgs

Tag, TagArgs

Package Details

On this page

On this page