1. Packages
  2. AWS Native
  3. API Docs
  4. securityhub
  5. AutomationRule

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.102.0 published on Tuesday, Apr 16, 2024 by Pulumi

aws-native.securityhub.AutomationRule

Explore with Pulumi AI

aws-native logo

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.102.0 published on Tuesday, Apr 16, 2024 by Pulumi

    The AWS::SecurityHub::AutomationRule resource specifies an automation rule based on input parameters. For more information, see Automation rules in the User Guide.

    Example Usage

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var ruleWithCriteriaActionsTags = new AwsNative.SecurityHub.AutomationRule("ruleWithCriteriaActionsTags", new()
        {
            RuleName = "Example rule name",
            RuleOrder = 5,
            Description = "Example rule description.",
            IsTerminal = false,
            RuleStatus = AwsNative.SecurityHub.AutomationRuleRuleStatus.Enabled,
            Criteria = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFiltersArgs
            {
                ProductName = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "GuardDuty",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "SecurityHub",
                    },
                },
                CompanyName = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "AWS",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "Private",
                    },
                },
                ProductArn = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "arn:aws:securityhub:us-west-2:123456789012:product/aws",
                    },
                },
                AwsAccountId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "123456789012",
                    },
                },
                Id = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "example-finding-id",
                    },
                },
                GeneratorId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "example-generator-id",
                    },
                },
                Type = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "type-1",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "type-2",
                    },
                },
                Description = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "description1",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "description2",
                    },
                },
                SourceUrl = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "https",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "ftp",
                    },
                },
                Title = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "title-1",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "title-2",
                    },
                },
                SeverityLabel = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "LOW",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "HIGH",
                    },
                },
                ResourceType = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "AwsEc2Instance",
                    },
                },
                ResourcePartition = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "aws",
                    },
                },
                ResourceId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "i-1234567890",
                    },
                },
                ResourceRegion = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "us-west",
                    },
                },
                ComplianceStatus = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "FAILED",
                    },
                },
                ComplianceSecurityControlId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "EC2.3",
                    },
                },
                ComplianceAssociatedStandardsId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
                    },
                },
                VerificationState = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "BENIGN_POSITIVE",
                    },
                },
                RecordState = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "ACTIVE",
                    },
                },
                RelatedFindingsProductArn = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "arn:aws:securityhub:eu-central-1::product/aws/securityhub",
                    },
                },
                RelatedFindingsId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "example-finding-id-2",
                    },
                },
                NoteText = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "example-note-text",
                    },
                },
                NoteUpdatedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
                        {
                            Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
                            Value = 5,
                        },
                    },
                },
                NoteUpdatedBy = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "sechub",
                    },
                },
                WorkflowStatus = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "NEW",
                    },
                },
                FirstObservedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
                        {
                            Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
                            Value = 5,
                        },
                    },
                },
                LastObservedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
                        {
                            Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
                            Value = 5,
                        },
                    },
                },
                CreatedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
                        {
                            Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
                            Value = 5,
                        },
                    },
                },
                UpdatedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        Start = "2023-04-25T17:05:54.832Z",
                        End = "2023-05-25T17:05:54.832Z",
                    },
                },
                ResourceTags = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
                        Key = "department",
                        Value = "security",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
                        Key = "department",
                        Value = "operations",
                    },
                },
                UserDefinedFields = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,
                        Key = "key1",
                        Value = "security",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,
                        Key = "key2",
                        Value = "operations",
                    },
                },
                ResourceDetailsOther = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
                        Key = "area",
                        Value = "na",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
                        Key = "department",
                        Value = "sales",
                    },
                },
                Confidence = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs
                    {
                        Gte = 50,
                        Lte = 95,
                    },
                },
                Criticality = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs
                    {
                        Gte = 50,
                        Lte = 95,
                    },
                },
            },
            Actions = new[]
            {
                new AwsNative.SecurityHub.Inputs.AutomationRulesActionArgs
                {
                    Type = AwsNative.SecurityHub.AutomationRulesActionType.FindingFieldsUpdate,
                    FindingFieldsUpdate = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFieldsUpdateArgs
                    {
                        Severity = new AwsNative.SecurityHub.Inputs.AutomationRuleSeverityUpdateArgs
                        {
                            Product = 50,
                            Label = AwsNative.SecurityHub.AutomationRuleSeverityUpdateLabel.Medium,
                            Normalized = 60,
                        },
                        Types = new[]
                        {
                            "Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
                            "Industry Compliance",
                        },
                        Confidence = 98,
                        Criticality = 95,
                        UserDefinedFields = 
                        {
                            { "key1", "value1" },
                            { "key2", "value2" },
                        },
                        RelatedFindings = new[]
                        {
                            new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs
                            {
                                ProductArn = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                                Id = "sample-finding-id-1",
                            },
                            new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs
                            {
                                ProductArn = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                                Id = "sample-finding-id-2",
                            },
                        },
                        Note = new AwsNative.SecurityHub.Inputs.AutomationRuleNoteUpdateArgs
                        {
                            Text = "sample-note-text",
                            UpdatedBy = "sechub",
                        },
                        VerificationState = AwsNative.SecurityHub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,
                        Workflow = new AwsNative.SecurityHub.Inputs.AutomationRuleWorkflowUpdateArgs
                        {
                            Status = AwsNative.SecurityHub.AutomationRuleWorkflowUpdateStatus.Notified,
                        },
                    },
                },
            },
            Tags = 
            {
                { "sampleTag", "sampleValue" },
                { "organizationUnit", "pnw" },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/securityhub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securityhub.NewAutomationRule(ctx, "ruleWithCriteriaActionsTags", &securityhub.AutomationRuleArgs{
    			RuleName:    pulumi.String("Example rule name"),
    			RuleOrder:   pulumi.Int(5),
    			Description: pulumi.String("Example rule description."),
    			IsTerminal:  pulumi.Bool(false),
    			RuleStatus:  securityhub.AutomationRuleRuleStatusEnabled,
    			Criteria: &securityhub.AutomationRulesFindingFiltersArgs{
    				ProductName: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("GuardDuty"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("SecurityHub"),
    					},
    				},
    				CompanyName: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("AWS"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("Private"),
    					},
    				},
    				ProductArn: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/aws"),
    					},
    				},
    				AwsAccountId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("123456789012"),
    					},
    				},
    				Id: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("example-finding-id"),
    					},
    				},
    				GeneratorId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("example-generator-id"),
    					},
    				},
    				Type: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("type-1"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("type-2"),
    					},
    				},
    				Description: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("description1"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("description2"),
    					},
    				},
    				SourceUrl: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("https"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("ftp"),
    					},
    				},
    				Title: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("title-1"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("title-2"),
    					},
    				},
    				SeverityLabel: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("LOW"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("HIGH"),
    					},
    				},
    				ResourceType: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("AwsEc2Instance"),
    					},
    				},
    				ResourcePartition: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("aws"),
    					},
    				},
    				ResourceId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("i-1234567890"),
    					},
    				},
    				ResourceRegion: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("us-west"),
    					},
    				},
    				ComplianceStatus: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("FAILED"),
    					},
    				},
    				ComplianceSecurityControlId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("EC2.3"),
    					},
    				},
    				ComplianceAssociatedStandardsId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("ruleset/cis-aws-foundations-benchmark/v/1.2.0"),
    					},
    				},
    				VerificationState: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("BENIGN_POSITIVE"),
    					},
    				},
    				RecordState: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("ACTIVE"),
    					},
    				},
    				RelatedFindingsProductArn: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("arn:aws:securityhub:eu-central-1::product/aws/securityhub"),
    					},
    				},
    				RelatedFindingsId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("example-finding-id-2"),
    					},
    				},
    				NoteText: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("example-note-text"),
    					},
    				},
    				NoteUpdatedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						DateRange: &securityhub.AutomationRuleDateRangeArgs{
    							Unit:  securityhub.AutomationRuleDateRangeUnitDays,
    							Value: pulumi.Float64(5),
    						},
    					},
    				},
    				NoteUpdatedBy: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("sechub"),
    					},
    				},
    				WorkflowStatus: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("NEW"),
    					},
    				},
    				FirstObservedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						DateRange: &securityhub.AutomationRuleDateRangeArgs{
    							Unit:  securityhub.AutomationRuleDateRangeUnitDays,
    							Value: pulumi.Float64(5),
    						},
    					},
    				},
    				LastObservedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						DateRange: &securityhub.AutomationRuleDateRangeArgs{
    							Unit:  securityhub.AutomationRuleDateRangeUnitDays,
    							Value: pulumi.Float64(5),
    						},
    					},
    				},
    				CreatedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						DateRange: &securityhub.AutomationRuleDateRangeArgs{
    							Unit:  securityhub.AutomationRuleDateRangeUnitDays,
    							Value: pulumi.Float64(5),
    						},
    					},
    				},
    				UpdatedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						Start: pulumi.String("2023-04-25T17:05:54.832Z"),
    						End:   pulumi.String("2023-05-25T17:05:54.832Z"),
    					},
    				},
    				ResourceTags: securityhub.AutomationRuleMapFilterArray{
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
    						Key:        pulumi.String("department"),
    						Value:      pulumi.String("security"),
    					},
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
    						Key:        pulumi.String("department"),
    						Value:      pulumi.String("operations"),
    					},
    				},
    				UserDefinedFields: securityhub.AutomationRuleMapFilterArray{
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonEquals,
    						Key:        pulumi.String("key1"),
    						Value:      pulumi.String("security"),
    					},
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonEquals,
    						Key:        pulumi.String("key2"),
    						Value:      pulumi.String("operations"),
    					},
    				},
    				ResourceDetailsOther: securityhub.AutomationRuleMapFilterArray{
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
    						Key:        pulumi.String("area"),
    						Value:      pulumi.String("na"),
    					},
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
    						Key:        pulumi.String("department"),
    						Value:      pulumi.String("sales"),
    					},
    				},
    				Confidence: securityhub.AutomationRuleNumberFilterArray{
    					&securityhub.AutomationRuleNumberFilterArgs{
    						Gte: pulumi.Float64(50),
    						Lte: pulumi.Float64(95),
    					},
    				},
    				Criticality: securityhub.AutomationRuleNumberFilterArray{
    					&securityhub.AutomationRuleNumberFilterArgs{
    						Gte: pulumi.Float64(50),
    						Lte: pulumi.Float64(95),
    					},
    				},
    			},
    			Actions: securityhub.AutomationRulesActionArray{
    				&securityhub.AutomationRulesActionArgs{
    					Type: securityhub.AutomationRulesActionTypeFindingFieldsUpdate,
    					FindingFieldsUpdate: &securityhub.AutomationRulesFindingFieldsUpdateArgs{
    						Severity: &securityhub.AutomationRuleSeverityUpdateArgs{
    							Product:    pulumi.Float64(50),
    							Label:      securityhub.AutomationRuleSeverityUpdateLabelMedium,
    							Normalized: pulumi.Int(60),
    						},
    						Types: pulumi.StringArray{
    							pulumi.String("Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices"),
    							pulumi.String("Industry Compliance"),
    						},
    						Confidence:  pulumi.Int(98),
    						Criticality: pulumi.Int(95),
    						UserDefinedFields: pulumi.StringMap{
    							"key1": pulumi.String("value1"),
    							"key2": pulumi.String("value2"),
    						},
    						RelatedFindings: securityhub.AutomationRuleRelatedFindingArray{
    							&securityhub.AutomationRuleRelatedFindingArgs{
    								ProductArn: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
    								Id:         pulumi.String("sample-finding-id-1"),
    							},
    							&securityhub.AutomationRuleRelatedFindingArgs{
    								ProductArn: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
    								Id:         pulumi.String("sample-finding-id-2"),
    							},
    						},
    						Note: &securityhub.AutomationRuleNoteUpdateArgs{
    							Text:      pulumi.String("sample-note-text"),
    							UpdatedBy: pulumi.String("sechub"),
    						},
    						VerificationState: securityhub.AutomationRulesFindingFieldsUpdateVerificationStateTruePositive,
    						Workflow: &securityhub.AutomationRuleWorkflowUpdateArgs{
    							Status: securityhub.AutomationRuleWorkflowUpdateStatusNotified,
    						},
    					},
    				},
    			},
    			Tags: pulumi.StringMap{
    				"sampleTag":        pulumi.String("sampleValue"),
    				"organizationUnit": pulumi.String("pnw"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    rule_with_criteria_actions_tags = aws_native.securityhub.AutomationRule("ruleWithCriteriaActionsTags",
        rule_name="Example rule name",
        rule_order=5,
        description="Example rule description.",
        is_terminal=False,
        rule_status=aws_native.securityhub.AutomationRuleRuleStatus.ENABLED,
        criteria=aws_native.securityhub.AutomationRulesFindingFiltersArgs(
            product_name=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="GuardDuty",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="SecurityHub",
                ),
            ],
            company_name=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="AWS",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="Private",
                ),
            ],
            product_arn=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="arn:aws:securityhub:us-west-2:123456789012:product/aws",
                ),
            ],
            aws_account_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="123456789012",
            )],
            id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="example-finding-id",
            )],
            generator_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="example-generator-id",
            )],
            type=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="type-1",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="type-2",
                ),
            ],
            description=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="description1",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="description2",
                ),
            ],
            source_url=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="https",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="ftp",
                ),
            ],
            title=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="title-1",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="title-2",
                ),
            ],
            severity_label=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="LOW",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="HIGH",
                ),
            ],
            resource_type=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="AwsEc2Instance",
            )],
            resource_partition=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="aws",
            )],
            resource_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                value="i-1234567890",
            )],
            resource_region=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                value="us-west",
            )],
            compliance_status=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="FAILED",
            )],
            compliance_security_control_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="EC2.3",
            )],
            compliance_associated_standards_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="ruleset/cis-aws-foundations-benchmark/v/1.2.0",
            )],
            verification_state=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="BENIGN_POSITIVE",
            )],
            record_state=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="ACTIVE",
            )],
            related_findings_product_arn=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="arn:aws:securityhub:eu-central-1::product/aws/securityhub",
            )],
            related_findings_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="example-finding-id-2",
            )],
            note_text=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="example-note-text",
            )],
            note_updated_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
                    unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
                    value=5,
                ),
            )],
            note_updated_by=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                value="sechub",
            )],
            workflow_status=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="NEW",
            )],
            first_observed_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
                    unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
                    value=5,
                ),
            )],
            last_observed_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
                    unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
                    value=5,
                ),
            )],
            created_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
                    unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
                    value=5,
                ),
            )],
            updated_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                start="2023-04-25T17:05:54.832Z",
                end="2023-05-25T17:05:54.832Z",
            )],
            resource_tags=[
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
                    key="department",
                    value="security",
                ),
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
                    key="department",
                    value="operations",
                ),
            ],
            user_defined_fields=[
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,
                    key="key1",
                    value="security",
                ),
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,
                    key="key2",
                    value="operations",
                ),
            ],
            resource_details_other=[
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
                    key="area",
                    value="na",
                ),
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
                    key="department",
                    value="sales",
                ),
            ],
            confidence=[aws_native.securityhub.AutomationRuleNumberFilterArgs(
                gte=50,
                lte=95,
            )],
            criticality=[aws_native.securityhub.AutomationRuleNumberFilterArgs(
                gte=50,
                lte=95,
            )],
        ),
        actions=[aws_native.securityhub.AutomationRulesActionArgs(
            type=aws_native.securityhub.AutomationRulesActionType.FINDING_FIELDS_UPDATE,
            finding_fields_update=aws_native.securityhub.AutomationRulesFindingFieldsUpdateArgs(
                severity=aws_native.securityhub.AutomationRuleSeverityUpdateArgs(
                    product=50,
                    label=aws_native.securityhub.AutomationRuleSeverityUpdateLabel.MEDIUM,
                    normalized=60,
                ),
                types=[
                    "Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
                    "Industry Compliance",
                ],
                confidence=98,
                criticality=95,
                user_defined_fields={
                    "key1": "value1",
                    "key2": "value2",
                },
                related_findings=[
                    aws_native.securityhub.AutomationRuleRelatedFindingArgs(
                        product_arn="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                        id="sample-finding-id-1",
                    ),
                    aws_native.securityhub.AutomationRuleRelatedFindingArgs(
                        product_arn="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                        id="sample-finding-id-2",
                    ),
                ],
                note=aws_native.securityhub.AutomationRuleNoteUpdateArgs(
                    text="sample-note-text",
                    updated_by="sechub",
                ),
                verification_state=aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TRUE_POSITIVE,
                workflow=aws_native.securityhub.AutomationRuleWorkflowUpdateArgs(
                    status=aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.NOTIFIED,
                ),
            ),
        )],
        tags={
            "sampleTag": "sampleValue",
            "organizationUnit": "pnw",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const ruleWithCriteriaActionsTags = new aws_native.securityhub.AutomationRule("ruleWithCriteriaActionsTags", {
        ruleName: "Example rule name",
        ruleOrder: 5,
        description: "Example rule description.",
        isTerminal: false,
        ruleStatus: aws_native.securityhub.AutomationRuleRuleStatus.Enabled,
        criteria: {
            productName: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "GuardDuty",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "SecurityHub",
                },
            ],
            companyName: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "AWS",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "Private",
                },
            ],
            productArn: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "arn:aws:securityhub:us-west-2:123456789012:product/aws",
                },
            ],
            awsAccountId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "123456789012",
            }],
            id: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "example-finding-id",
            }],
            generatorId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "example-generator-id",
            }],
            type: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "type-1",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "type-2",
                },
            ],
            description: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "description1",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "description2",
                },
            ],
            sourceUrl: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "https",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "ftp",
                },
            ],
            title: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "title-1",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "title-2",
                },
            ],
            severityLabel: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "LOW",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "HIGH",
                },
            ],
            resourceType: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "AwsEc2Instance",
            }],
            resourcePartition: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "aws",
            }],
            resourceId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                value: "i-1234567890",
            }],
            resourceRegion: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                value: "us-west",
            }],
            complianceStatus: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "FAILED",
            }],
            complianceSecurityControlId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "EC2.3",
            }],
            complianceAssociatedStandardsId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
            }],
            verificationState: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "BENIGN_POSITIVE",
            }],
            recordState: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "ACTIVE",
            }],
            relatedFindingsProductArn: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "arn:aws:securityhub:eu-central-1::product/aws/securityhub",
            }],
            relatedFindingsId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "example-finding-id-2",
            }],
            noteText: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "example-note-text",
            }],
            noteUpdatedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 5,
                },
            }],
            noteUpdatedBy: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                value: "sechub",
            }],
            workflowStatus: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "NEW",
            }],
            firstObservedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 5,
                },
            }],
            lastObservedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 5,
                },
            }],
            createdAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 5,
                },
            }],
            updatedAt: [{
                start: "2023-04-25T17:05:54.832Z",
                end: "2023-05-25T17:05:54.832Z",
            }],
            resourceTags: [
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
                    key: "department",
                    value: "security",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
                    key: "department",
                    value: "operations",
                },
            ],
            userDefinedFields: [
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
                    key: "key1",
                    value: "security",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
                    key: "key2",
                    value: "operations",
                },
            ],
            resourceDetailsOther: [
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
                    key: "area",
                    value: "na",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
                    key: "department",
                    value: "sales",
                },
            ],
            confidence: [{
                gte: 50,
                lte: 95,
            }],
            criticality: [{
                gte: 50,
                lte: 95,
            }],
        },
        actions: [{
            type: aws_native.securityhub.AutomationRulesActionType.FindingFieldsUpdate,
            findingFieldsUpdate: {
                severity: {
                    product: 50,
                    label: aws_native.securityhub.AutomationRuleSeverityUpdateLabel.Medium,
                    normalized: 60,
                },
                types: [
                    "Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
                    "Industry Compliance",
                ],
                confidence: 98,
                criticality: 95,
                userDefinedFields: {
                    key1: "value1",
                    key2: "value2",
                },
                relatedFindings: [
                    {
                        productArn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                        id: "sample-finding-id-1",
                    },
                    {
                        productArn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                        id: "sample-finding-id-2",
                    },
                ],
                note: {
                    text: "sample-note-text",
                    updatedBy: "sechub",
                },
                verificationState: aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,
                workflow: {
                    status: aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.Notified,
                },
            },
        }],
        tags: {
            sampleTag: "sampleValue",
            organizationUnit: "pnw",
        },
    });
    

    Coming soon!

    Example

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AwsNative = Pulumi.AwsNative;
    
    return await Deployment.RunAsync(() => 
    {
        var ruleWithCriteriaActionsTags = new AwsNative.SecurityHub.AutomationRule("ruleWithCriteriaActionsTags", new()
        {
            RuleName = "Example rule name",
            RuleOrder = 5,
            Description = "Example rule description.",
            IsTerminal = false,
            RuleStatus = AwsNative.SecurityHub.AutomationRuleRuleStatus.Enabled,
            Criteria = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFiltersArgs
            {
                ProductName = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "GuardDuty",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "SecurityHub",
                    },
                },
                CompanyName = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "AWS",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "Private",
                    },
                },
                ProductArn = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "arn:aws:securityhub:us-west-2:123456789012:product/aws",
                    },
                },
                AwsAccountId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "123456789012",
                    },
                },
                Id = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "example-finding-id",
                    },
                },
                GeneratorId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "example-generator-id",
                    },
                },
                Type = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "type-1",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "type-2",
                    },
                },
                Description = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "description1",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "description2",
                    },
                },
                SourceUrl = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "https",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "ftp",
                    },
                },
                Title = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "title-1",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "title-2",
                    },
                },
                SeverityLabel = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "LOW",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "HIGH",
                    },
                },
                ResourceType = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "AwsEc2Instance",
                    },
                },
                ResourcePartition = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "aws",
                    },
                },
                ResourceId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "i-1234567890",
                    },
                },
                ResourceRegion = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "us-west",
                    },
                },
                ComplianceStatus = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "FAILED",
                    },
                },
                ComplianceSecurityControlId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "EC2.3",
                    },
                },
                ComplianceAssociatedStandardsId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
                    },
                },
                VerificationState = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "BENIGN_POSITIVE",
                    },
                },
                RecordState = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "ACTIVE",
                    },
                },
                RelatedFindingsProductArn = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "arn:aws:securityhub:eu-central-1::product/aws/securityhub",
                    },
                },
                RelatedFindingsId = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "example-finding-id-2",
                    },
                },
                NoteText = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "example-note-text",
                    },
                },
                NoteUpdatedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
                        {
                            Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
                            Value = 5,
                        },
                    },
                },
                NoteUpdatedBy = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.Prefix,
                        Value = "sechub",
                    },
                },
                WorkflowStatus = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleStringFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleStringFilterComparison.EqualsValue,
                        Value = "NEW",
                    },
                },
                FirstObservedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
                        {
                            Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
                            Value = 5,
                        },
                    },
                },
                LastObservedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
                        {
                            Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
                            Value = 5,
                        },
                    },
                },
                CreatedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        DateRange = new AwsNative.SecurityHub.Inputs.AutomationRuleDateRangeArgs
                        {
                            Unit = AwsNative.SecurityHub.AutomationRuleDateRangeUnit.Days,
                            Value = 5,
                        },
                    },
                },
                UpdatedAt = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleDateFilterArgs
                    {
                        Start = "2023-04-25T17:05:54.832Z",
                        End = "2023-05-25T17:05:54.832Z",
                    },
                },
                ResourceTags = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
                        Key = "department",
                        Value = "security",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
                        Key = "department",
                        Value = "operations",
                    },
                },
                UserDefinedFields = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,
                        Key = "key1",
                        Value = "security",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.EqualsValue,
                        Key = "key2",
                        Value = "operations",
                    },
                },
                ResourceDetailsOther = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
                        Key = "area",
                        Value = "na",
                    },
                    new AwsNative.SecurityHub.Inputs.AutomationRuleMapFilterArgs
                    {
                        Comparison = AwsNative.SecurityHub.AutomationRuleMapFilterComparison.NotEquals,
                        Key = "department",
                        Value = "sales",
                    },
                },
                Confidence = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs
                    {
                        Gte = 50,
                        Lte = 95,
                    },
                },
                Criticality = new[]
                {
                    new AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilterArgs
                    {
                        Gte = 50,
                        Lte = 95,
                    },
                },
            },
            Actions = new[]
            {
                new AwsNative.SecurityHub.Inputs.AutomationRulesActionArgs
                {
                    Type = AwsNative.SecurityHub.AutomationRulesActionType.FindingFieldsUpdate,
                    FindingFieldsUpdate = new AwsNative.SecurityHub.Inputs.AutomationRulesFindingFieldsUpdateArgs
                    {
                        Severity = new AwsNative.SecurityHub.Inputs.AutomationRuleSeverityUpdateArgs
                        {
                            Product = 50,
                            Label = AwsNative.SecurityHub.AutomationRuleSeverityUpdateLabel.Medium,
                            Normalized = 60,
                        },
                        Types = new[]
                        {
                            "Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
                            "Industry Compliance",
                        },
                        Confidence = 98,
                        Criticality = 95,
                        UserDefinedFields = 
                        {
                            { "key1", "value1" },
                            { "key2", "value2" },
                        },
                        RelatedFindings = new[]
                        {
                            new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs
                            {
                                ProductArn = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                                Id = "sample-finding-id-1",
                            },
                            new AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFindingArgs
                            {
                                ProductArn = "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                                Id = "sample-finding-id-2",
                            },
                        },
                        Note = new AwsNative.SecurityHub.Inputs.AutomationRuleNoteUpdateArgs
                        {
                            Text = "sample-note-text",
                            UpdatedBy = "sechub",
                        },
                        VerificationState = AwsNative.SecurityHub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,
                        Workflow = new AwsNative.SecurityHub.Inputs.AutomationRuleWorkflowUpdateArgs
                        {
                            Status = AwsNative.SecurityHub.AutomationRuleWorkflowUpdateStatus.Notified,
                        },
                    },
                },
            },
            Tags = 
            {
                { "sampleTag", "sampleValue" },
                { "organizationUnit", "pnw" },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/securityhub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securityhub.NewAutomationRule(ctx, "ruleWithCriteriaActionsTags", &securityhub.AutomationRuleArgs{
    			RuleName:    pulumi.String("Example rule name"),
    			RuleOrder:   pulumi.Int(5),
    			Description: pulumi.String("Example rule description."),
    			IsTerminal:  pulumi.Bool(false),
    			RuleStatus:  securityhub.AutomationRuleRuleStatusEnabled,
    			Criteria: &securityhub.AutomationRulesFindingFiltersArgs{
    				ProductName: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("GuardDuty"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("SecurityHub"),
    					},
    				},
    				CompanyName: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("AWS"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("Private"),
    					},
    				},
    				ProductArn: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/aws"),
    					},
    				},
    				AwsAccountId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("123456789012"),
    					},
    				},
    				Id: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("example-finding-id"),
    					},
    				},
    				GeneratorId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("example-generator-id"),
    					},
    				},
    				Type: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("type-1"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("type-2"),
    					},
    				},
    				Description: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("description1"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("description2"),
    					},
    				},
    				SourceUrl: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("https"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("ftp"),
    					},
    				},
    				Title: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("title-1"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("title-2"),
    					},
    				},
    				SeverityLabel: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("LOW"),
    					},
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("HIGH"),
    					},
    				},
    				ResourceType: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("AwsEc2Instance"),
    					},
    				},
    				ResourcePartition: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("aws"),
    					},
    				},
    				ResourceId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("i-1234567890"),
    					},
    				},
    				ResourceRegion: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("us-west"),
    					},
    				},
    				ComplianceStatus: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("FAILED"),
    					},
    				},
    				ComplianceSecurityControlId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("EC2.3"),
    					},
    				},
    				ComplianceAssociatedStandardsId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("ruleset/cis-aws-foundations-benchmark/v/1.2.0"),
    					},
    				},
    				VerificationState: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("BENIGN_POSITIVE"),
    					},
    				},
    				RecordState: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("ACTIVE"),
    					},
    				},
    				RelatedFindingsProductArn: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("arn:aws:securityhub:eu-central-1::product/aws/securityhub"),
    					},
    				},
    				RelatedFindingsId: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("example-finding-id-2"),
    					},
    				},
    				NoteText: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("example-note-text"),
    					},
    				},
    				NoteUpdatedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						DateRange: &securityhub.AutomationRuleDateRangeArgs{
    							Unit:  securityhub.AutomationRuleDateRangeUnitDays,
    							Value: pulumi.Float64(5),
    						},
    					},
    				},
    				NoteUpdatedBy: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonPrefix,
    						Value:      pulumi.String("sechub"),
    					},
    				},
    				WorkflowStatus: securityhub.AutomationRuleStringFilterArray{
    					&securityhub.AutomationRuleStringFilterArgs{
    						Comparison: securityhub.AutomationRuleStringFilterComparisonEquals,
    						Value:      pulumi.String("NEW"),
    					},
    				},
    				FirstObservedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						DateRange: &securityhub.AutomationRuleDateRangeArgs{
    							Unit:  securityhub.AutomationRuleDateRangeUnitDays,
    							Value: pulumi.Float64(5),
    						},
    					},
    				},
    				LastObservedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						DateRange: &securityhub.AutomationRuleDateRangeArgs{
    							Unit:  securityhub.AutomationRuleDateRangeUnitDays,
    							Value: pulumi.Float64(5),
    						},
    					},
    				},
    				CreatedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						DateRange: &securityhub.AutomationRuleDateRangeArgs{
    							Unit:  securityhub.AutomationRuleDateRangeUnitDays,
    							Value: pulumi.Float64(5),
    						},
    					},
    				},
    				UpdatedAt: securityhub.AutomationRuleDateFilterArray{
    					&securityhub.AutomationRuleDateFilterArgs{
    						Start: pulumi.String("2023-04-25T17:05:54.832Z"),
    						End:   pulumi.String("2023-05-25T17:05:54.832Z"),
    					},
    				},
    				ResourceTags: securityhub.AutomationRuleMapFilterArray{
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
    						Key:        pulumi.String("department"),
    						Value:      pulumi.String("security"),
    					},
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
    						Key:        pulumi.String("department"),
    						Value:      pulumi.String("operations"),
    					},
    				},
    				UserDefinedFields: securityhub.AutomationRuleMapFilterArray{
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonEquals,
    						Key:        pulumi.String("key1"),
    						Value:      pulumi.String("security"),
    					},
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonEquals,
    						Key:        pulumi.String("key2"),
    						Value:      pulumi.String("operations"),
    					},
    				},
    				ResourceDetailsOther: securityhub.AutomationRuleMapFilterArray{
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
    						Key:        pulumi.String("area"),
    						Value:      pulumi.String("na"),
    					},
    					&securityhub.AutomationRuleMapFilterArgs{
    						Comparison: securityhub.AutomationRuleMapFilterComparisonNotEquals,
    						Key:        pulumi.String("department"),
    						Value:      pulumi.String("sales"),
    					},
    				},
    				Confidence: securityhub.AutomationRuleNumberFilterArray{
    					&securityhub.AutomationRuleNumberFilterArgs{
    						Gte: pulumi.Float64(50),
    						Lte: pulumi.Float64(95),
    					},
    				},
    				Criticality: securityhub.AutomationRuleNumberFilterArray{
    					&securityhub.AutomationRuleNumberFilterArgs{
    						Gte: pulumi.Float64(50),
    						Lte: pulumi.Float64(95),
    					},
    				},
    			},
    			Actions: securityhub.AutomationRulesActionArray{
    				&securityhub.AutomationRulesActionArgs{
    					Type: securityhub.AutomationRulesActionTypeFindingFieldsUpdate,
    					FindingFieldsUpdate: &securityhub.AutomationRulesFindingFieldsUpdateArgs{
    						Severity: &securityhub.AutomationRuleSeverityUpdateArgs{
    							Product:    pulumi.Float64(50),
    							Label:      securityhub.AutomationRuleSeverityUpdateLabelMedium,
    							Normalized: pulumi.Int(60),
    						},
    						Types: pulumi.StringArray{
    							pulumi.String("Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices"),
    							pulumi.String("Industry Compliance"),
    						},
    						Confidence:  pulumi.Int(98),
    						Criticality: pulumi.Int(95),
    						UserDefinedFields: pulumi.StringMap{
    							"key1": pulumi.String("value1"),
    							"key2": pulumi.String("value2"),
    						},
    						RelatedFindings: securityhub.AutomationRuleRelatedFindingArray{
    							&securityhub.AutomationRuleRelatedFindingArgs{
    								ProductArn: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
    								Id:         pulumi.String("sample-finding-id-1"),
    							},
    							&securityhub.AutomationRuleRelatedFindingArgs{
    								ProductArn: pulumi.String("arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"),
    								Id:         pulumi.String("sample-finding-id-2"),
    							},
    						},
    						Note: &securityhub.AutomationRuleNoteUpdateArgs{
    							Text:      pulumi.String("sample-note-text"),
    							UpdatedBy: pulumi.String("sechub"),
    						},
    						VerificationState: securityhub.AutomationRulesFindingFieldsUpdateVerificationStateTruePositive,
    						Workflow: &securityhub.AutomationRuleWorkflowUpdateArgs{
    							Status: securityhub.AutomationRuleWorkflowUpdateStatusNotified,
    						},
    					},
    				},
    			},
    			Tags: pulumi.StringMap{
    				"sampleTag":        pulumi.String("sampleValue"),
    				"organizationUnit": pulumi.String("pnw"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    

    Coming soon!

    import pulumi
    import pulumi_aws_native as aws_native
    
    rule_with_criteria_actions_tags = aws_native.securityhub.AutomationRule("ruleWithCriteriaActionsTags",
        rule_name="Example rule name",
        rule_order=5,
        description="Example rule description.",
        is_terminal=False,
        rule_status=aws_native.securityhub.AutomationRuleRuleStatus.ENABLED,
        criteria=aws_native.securityhub.AutomationRulesFindingFiltersArgs(
            product_name=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="GuardDuty",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="SecurityHub",
                ),
            ],
            company_name=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="AWS",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="Private",
                ),
            ],
            product_arn=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="arn:aws:securityhub:us-west-2:123456789012:product/aws",
                ),
            ],
            aws_account_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="123456789012",
            )],
            id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="example-finding-id",
            )],
            generator_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="example-generator-id",
            )],
            type=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="type-1",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="type-2",
                ),
            ],
            description=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="description1",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="description2",
                ),
            ],
            source_url=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="https",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="ftp",
                ),
            ],
            title=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="title-1",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                    value="title-2",
                ),
            ],
            severity_label=[
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="LOW",
                ),
                aws_native.securityhub.AutomationRuleStringFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                    value="HIGH",
                ),
            ],
            resource_type=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="AwsEc2Instance",
            )],
            resource_partition=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="aws",
            )],
            resource_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                value="i-1234567890",
            )],
            resource_region=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                value="us-west",
            )],
            compliance_status=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="FAILED",
            )],
            compliance_security_control_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="EC2.3",
            )],
            compliance_associated_standards_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="ruleset/cis-aws-foundations-benchmark/v/1.2.0",
            )],
            verification_state=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="BENIGN_POSITIVE",
            )],
            record_state=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="ACTIVE",
            )],
            related_findings_product_arn=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="arn:aws:securityhub:eu-central-1::product/aws/securityhub",
            )],
            related_findings_id=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="example-finding-id-2",
            )],
            note_text=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="example-note-text",
            )],
            note_updated_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
                    unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
                    value=5,
                ),
            )],
            note_updated_by=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.PREFIX,
                value="sechub",
            )],
            workflow_status=[aws_native.securityhub.AutomationRuleStringFilterArgs(
                comparison=aws_native.securityhub.AutomationRuleStringFilterComparison.EQUALS,
                value="NEW",
            )],
            first_observed_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
                    unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
                    value=5,
                ),
            )],
            last_observed_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
                    unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
                    value=5,
                ),
            )],
            created_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                date_range=aws_native.securityhub.AutomationRuleDateRangeArgs(
                    unit=aws_native.securityhub.AutomationRuleDateRangeUnit.DAYS,
                    value=5,
                ),
            )],
            updated_at=[aws_native.securityhub.AutomationRuleDateFilterArgs(
                start="2023-04-25T17:05:54.832Z",
                end="2023-05-25T17:05:54.832Z",
            )],
            resource_tags=[
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
                    key="department",
                    value="security",
                ),
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
                    key="department",
                    value="operations",
                ),
            ],
            user_defined_fields=[
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,
                    key="key1",
                    value="security",
                ),
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.EQUALS,
                    key="key2",
                    value="operations",
                ),
            ],
            resource_details_other=[
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
                    key="area",
                    value="na",
                ),
                aws_native.securityhub.AutomationRuleMapFilterArgs(
                    comparison=aws_native.securityhub.AutomationRuleMapFilterComparison.NOT_EQUALS,
                    key="department",
                    value="sales",
                ),
            ],
            confidence=[aws_native.securityhub.AutomationRuleNumberFilterArgs(
                gte=50,
                lte=95,
            )],
            criticality=[aws_native.securityhub.AutomationRuleNumberFilterArgs(
                gte=50,
                lte=95,
            )],
        ),
        actions=[aws_native.securityhub.AutomationRulesActionArgs(
            type=aws_native.securityhub.AutomationRulesActionType.FINDING_FIELDS_UPDATE,
            finding_fields_update=aws_native.securityhub.AutomationRulesFindingFieldsUpdateArgs(
                severity=aws_native.securityhub.AutomationRuleSeverityUpdateArgs(
                    product=50,
                    label=aws_native.securityhub.AutomationRuleSeverityUpdateLabel.MEDIUM,
                    normalized=60,
                ),
                types=[
                    "Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
                    "Industry Compliance",
                ],
                confidence=98,
                criticality=95,
                user_defined_fields={
                    "key1": "value1",
                    "key2": "value2",
                },
                related_findings=[
                    aws_native.securityhub.AutomationRuleRelatedFindingArgs(
                        product_arn="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                        id="sample-finding-id-1",
                    ),
                    aws_native.securityhub.AutomationRuleRelatedFindingArgs(
                        product_arn="arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                        id="sample-finding-id-2",
                    ),
                ],
                note=aws_native.securityhub.AutomationRuleNoteUpdateArgs(
                    text="sample-note-text",
                    updated_by="sechub",
                ),
                verification_state=aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TRUE_POSITIVE,
                workflow=aws_native.securityhub.AutomationRuleWorkflowUpdateArgs(
                    status=aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.NOTIFIED,
                ),
            ),
        )],
        tags={
            "sampleTag": "sampleValue",
            "organizationUnit": "pnw",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws_native from "@pulumi/aws-native";
    
    const ruleWithCriteriaActionsTags = new aws_native.securityhub.AutomationRule("ruleWithCriteriaActionsTags", {
        ruleName: "Example rule name",
        ruleOrder: 5,
        description: "Example rule description.",
        isTerminal: false,
        ruleStatus: aws_native.securityhub.AutomationRuleRuleStatus.Enabled,
        criteria: {
            productName: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "GuardDuty",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "SecurityHub",
                },
            ],
            companyName: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "AWS",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "Private",
                },
            ],
            productArn: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "arn:aws:securityhub:us-west-2:123456789012:product/aws",
                },
            ],
            awsAccountId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "123456789012",
            }],
            id: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "example-finding-id",
            }],
            generatorId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "example-generator-id",
            }],
            type: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "type-1",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "type-2",
                },
            ],
            description: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "description1",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "description2",
                },
            ],
            sourceUrl: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "https",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "ftp",
                },
            ],
            title: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "title-1",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                    value: "title-2",
                },
            ],
            severityLabel: [
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "LOW",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                    value: "HIGH",
                },
            ],
            resourceType: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "AwsEc2Instance",
            }],
            resourcePartition: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "aws",
            }],
            resourceId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                value: "i-1234567890",
            }],
            resourceRegion: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                value: "us-west",
            }],
            complianceStatus: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "FAILED",
            }],
            complianceSecurityControlId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "EC2.3",
            }],
            complianceAssociatedStandardsId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
            }],
            verificationState: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "BENIGN_POSITIVE",
            }],
            recordState: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "ACTIVE",
            }],
            relatedFindingsProductArn: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "arn:aws:securityhub:eu-central-1::product/aws/securityhub",
            }],
            relatedFindingsId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "example-finding-id-2",
            }],
            noteText: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "example-note-text",
            }],
            noteUpdatedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 5,
                },
            }],
            noteUpdatedBy: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Prefix,
                value: "sechub",
            }],
            workflowStatus: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "NEW",
            }],
            firstObservedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 5,
                },
            }],
            lastObservedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 5,
                },
            }],
            createdAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 5,
                },
            }],
            updatedAt: [{
                start: "2023-04-25T17:05:54.832Z",
                end: "2023-05-25T17:05:54.832Z",
            }],
            resourceTags: [
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
                    key: "department",
                    value: "security",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
                    key: "department",
                    value: "operations",
                },
            ],
            userDefinedFields: [
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
                    key: "key1",
                    value: "security",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
                    key: "key2",
                    value: "operations",
                },
            ],
            resourceDetailsOther: [
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
                    key: "area",
                    value: "na",
                },
                {
                    comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.NotEquals,
                    key: "department",
                    value: "sales",
                },
            ],
            confidence: [{
                gte: 50,
                lte: 95,
            }],
            criticality: [{
                gte: 50,
                lte: 95,
            }],
        },
        actions: [{
            type: aws_native.securityhub.AutomationRulesActionType.FindingFieldsUpdate,
            findingFieldsUpdate: {
                severity: {
                    product: 50,
                    label: aws_native.securityhub.AutomationRuleSeverityUpdateLabel.Medium,
                    normalized: 60,
                },
                types: [
                    "Software and Configuration Checks/Industry and Regulatory Standards/AWS-Foundational-Security-Best-Practices",
                    "Industry Compliance",
                ],
                confidence: 98,
                criticality: 95,
                userDefinedFields: {
                    key1: "value1",
                    key2: "value2",
                },
                relatedFindings: [
                    {
                        productArn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                        id: "sample-finding-id-1",
                    },
                    {
                        productArn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
                        id: "sample-finding-id-2",
                    },
                ],
                note: {
                    text: "sample-note-text",
                    updatedBy: "sechub",
                },
                verificationState: aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.TruePositive,
                workflow: {
                    status: aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.Notified,
                },
            },
        }],
        tags: {
            sampleTag: "sampleValue",
            organizationUnit: "pnw",
        },
    });
    

    Coming soon!

    Create AutomationRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new AutomationRule(name: string, args?: AutomationRuleArgs, opts?: CustomResourceOptions);
    @overload
    def AutomationRule(resource_name: str,
                       args: Optional[AutomationRuleArgs] = None,
                       opts: Optional[ResourceOptions] = None)
    
    @overload
    def AutomationRule(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       actions: Optional[Sequence[AutomationRulesActionArgs]] = None,
                       criteria: Optional[AutomationRulesFindingFiltersArgs] = None,
                       description: Optional[str] = None,
                       is_terminal: Optional[bool] = None,
                       rule_name: Optional[str] = None,
                       rule_order: Optional[int] = None,
                       rule_status: Optional[AutomationRuleRuleStatus] = None,
                       tags: Optional[Mapping[str, str]] = None)
    func NewAutomationRule(ctx *Context, name string, args *AutomationRuleArgs, opts ...ResourceOption) (*AutomationRule, error)
    public AutomationRule(string name, AutomationRuleArgs? args = null, CustomResourceOptions? opts = null)
    public AutomationRule(String name, AutomationRuleArgs args)
    public AutomationRule(String name, AutomationRuleArgs args, CustomResourceOptions options)
    
    type: aws-native:securityhub:AutomationRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    const automationRuleResource = new aws_native.securityhub.AutomationRule("automationRuleResource", {
        actions: [{
            findingFieldsUpdate: {
                confidence: 0,
                criticality: 0,
                note: {
                    text: "string",
                    updatedBy: "string",
                },
                relatedFindings: [{
                    id: "string",
                    productArn: "string",
                }],
                severity: {
                    label: aws_native.securityhub.AutomationRuleSeverityUpdateLabel.Informational,
                    normalized: 0,
                    product: 0,
                },
                types: ["string"],
                userDefinedFields: {
                    string: "string",
                },
                verificationState: aws_native.securityhub.AutomationRulesFindingFieldsUpdateVerificationState.Unknown,
                workflow: {
                    status: aws_native.securityhub.AutomationRuleWorkflowUpdateStatus.New,
                },
            },
            type: aws_native.securityhub.AutomationRulesActionType.FindingFieldsUpdate,
        }],
        criteria: {
            awsAccountId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            companyName: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            complianceAssociatedStandardsId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            complianceSecurityControlId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            complianceStatus: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            confidence: [{
                eq: 0,
                gte: 0,
                lte: 0,
            }],
            createdAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            criticality: [{
                eq: 0,
                gte: 0,
                lte: 0,
            }],
            description: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            firstObservedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            generatorId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            id: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            lastObservedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            noteText: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            noteUpdatedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            noteUpdatedBy: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            productArn: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            productName: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            recordState: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            relatedFindingsId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            relatedFindingsProductArn: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            resourceDetailsOther: [{
                comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
                key: "string",
                value: "string",
            }],
            resourceId: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            resourcePartition: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            resourceRegion: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            resourceTags: [{
                comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
                key: "string",
                value: "string",
            }],
            resourceType: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            severityLabel: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            sourceUrl: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            title: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            type: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            updatedAt: [{
                dateRange: {
                    unit: aws_native.securityhub.AutomationRuleDateRangeUnit.Days,
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            userDefinedFields: [{
                comparison: aws_native.securityhub.AutomationRuleMapFilterComparison.Equals,
                key: "string",
                value: "string",
            }],
            verificationState: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
            workflowStatus: [{
                comparison: aws_native.securityhub.AutomationRuleStringFilterComparison.Equals,
                value: "string",
            }],
        },
        description: "string",
        isTerminal: false,
        ruleName: "string",
        ruleOrder: 0,
        ruleStatus: aws_native.securityhub.AutomationRuleRuleStatus.Enabled,
        tags: {
            string: "string",
        },
    });
    
    Coming soon!
    

    AutomationRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The AutomationRule resource accepts the following input properties:

    Actions List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRulesAction>
    Criteria Pulumi.AwsNative.SecurityHub.Inputs.AutomationRulesFindingFilters
    A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
    Description string
    IsTerminal bool
    RuleName string
    RuleOrder int
    RuleStatus Pulumi.AwsNative.SecurityHub.AutomationRuleRuleStatus
    Whether the rule is active after it is created. If this parameter is equal to ENABLED, ASH applies the rule to findings and finding updates after the rule is created.
    Tags Dictionary<string, string>
    Actions []AutomationRulesActionArgs
    Criteria AutomationRulesFindingFiltersArgs
    A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
    Description string
    IsTerminal bool
    RuleName string
    RuleOrder int
    RuleStatus AutomationRuleRuleStatus
    Whether the rule is active after it is created. If this parameter is equal to ENABLED, ASH applies the rule to findings and finding updates after the rule is created.
    Tags map[string]string
    actions List<AutomationRulesAction>
    criteria AutomationRulesFindingFilters
    A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
    description String
    isTerminal Boolean
    ruleName String
    ruleOrder Integer
    ruleStatus AutomationRuleRuleStatus
    Whether the rule is active after it is created. If this parameter is equal to ENABLED, ASH applies the rule to findings and finding updates after the rule is created.
    tags Map<String,String>
    actions AutomationRulesAction[]
    criteria AutomationRulesFindingFilters
    A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
    description string
    isTerminal boolean
    ruleName string
    ruleOrder number
    ruleStatus AutomationRuleRuleStatus
    Whether the rule is active after it is created. If this parameter is equal to ENABLED, ASH applies the rule to findings and finding updates after the rule is created.
    tags {[key: string]: string}
    actions Sequence[AutomationRulesActionArgs]
    criteria AutomationRulesFindingFiltersArgs
    A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
    description str
    is_terminal bool
    rule_name str
    rule_order int
    rule_status AutomationRuleRuleStatus
    Whether the rule is active after it is created. If this parameter is equal to ENABLED, ASH applies the rule to findings and finding updates after the rule is created.
    tags Mapping[str, str]
    actions List<Property Map>
    criteria Property Map
    A set of Security Finding Format (ASFF) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding.
    description String
    isTerminal Boolean
    ruleName String
    ruleOrder Number
    ruleStatus "ENABLED" | "DISABLED"
    Whether the rule is active after it is created. If this parameter is equal to ENABLED, ASH applies the rule to findings and finding updates after the rule is created.
    tags Map<String>

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AutomationRule resource produces the following output properties:

    CreatedAt string
    CreatedBy string
    Id string
    The provider-assigned unique ID for this managed resource.
    RuleArn string
    UpdatedAt string
    CreatedAt string
    CreatedBy string
    Id string
    The provider-assigned unique ID for this managed resource.
    RuleArn string
    UpdatedAt string
    createdAt String
    createdBy String
    id String
    The provider-assigned unique ID for this managed resource.
    ruleArn String
    updatedAt String
    createdAt string
    createdBy string
    id string
    The provider-assigned unique ID for this managed resource.
    ruleArn string
    updatedAt string
    created_at str
    created_by str
    id str
    The provider-assigned unique ID for this managed resource.
    rule_arn str
    updated_at str
    createdAt String
    createdBy String
    id String
    The provider-assigned unique ID for this managed resource.
    ruleArn String
    updatedAt String

    Supporting Types

    AutomationRuleDateFilter, AutomationRuleDateFilterArgs

    AutomationRuleDateRange, AutomationRuleDateRangeArgs

    AutomationRuleDateRangeUnit, AutomationRuleDateRangeUnitArgs

    Days
    DAYS
    AutomationRuleDateRangeUnitDays
    DAYS
    Days
    DAYS
    Days
    DAYS
    DAYS
    DAYS
    "DAYS"
    DAYS

    AutomationRuleMapFilter, AutomationRuleMapFilterArgs

    AutomationRuleMapFilterComparison, AutomationRuleMapFilterComparisonArgs

    EqualsValue
    EQUALS
    NotEquals
    NOT_EQUALS
    Contains
    CONTAINS
    NotContains
    NOT_CONTAINS
    AutomationRuleMapFilterComparisonEquals
    EQUALS
    AutomationRuleMapFilterComparisonNotEquals
    NOT_EQUALS
    AutomationRuleMapFilterComparisonContains
    CONTAINS
    AutomationRuleMapFilterComparisonNotContains
    NOT_CONTAINS
    Equals
    EQUALS
    NotEquals
    NOT_EQUALS
    Contains
    CONTAINS
    NotContains
    NOT_CONTAINS
    Equals
    EQUALS
    NotEquals
    NOT_EQUALS
    Contains
    CONTAINS
    NotContains
    NOT_CONTAINS
    EQUALS
    EQUALS
    NOT_EQUALS
    NOT_EQUALS
    CONTAINS
    CONTAINS
    NOT_CONTAINS
    NOT_CONTAINS
    "EQUALS"
    EQUALS
    "NOT_EQUALS"
    NOT_EQUALS
    "CONTAINS"
    CONTAINS
    "NOT_CONTAINS"
    NOT_CONTAINS

    AutomationRuleNoteUpdate, AutomationRuleNoteUpdateArgs

    Text string
    UpdatedBy string
    Text string
    UpdatedBy string
    text String
    updatedBy String
    text string
    updatedBy string
    text String
    updatedBy String

    AutomationRuleNumberFilter, AutomationRuleNumberFilterArgs

    Eq double
    Gte double
    Lte double
    Eq float64
    Gte float64
    Lte float64
    eq Double
    gte Double
    lte Double
    eq number
    gte number
    lte number
    eq float
    gte float
    lte float
    eq Number
    gte Number
    lte Number

    AutomationRuleRelatedFinding, AutomationRuleRelatedFindingArgs

    Id string
    ProductArn string
    The Amazon Resource Name (ARN) for the product that generated a related finding.
    Id string
    ProductArn string
    The Amazon Resource Name (ARN) for the product that generated a related finding.
    id String
    productArn String
    The Amazon Resource Name (ARN) for the product that generated a related finding.
    id string
    productArn string
    The Amazon Resource Name (ARN) for the product that generated a related finding.
    id str
    product_arn str
    The Amazon Resource Name (ARN) for the product that generated a related finding.
    id String
    productArn String
    The Amazon Resource Name (ARN) for the product that generated a related finding.

    AutomationRuleRuleStatus, AutomationRuleRuleStatusArgs

    Enabled
    ENABLED
    Disabled
    DISABLED
    AutomationRuleRuleStatusEnabled
    ENABLED
    AutomationRuleRuleStatusDisabled
    DISABLED
    Enabled
    ENABLED
    Disabled
    DISABLED
    Enabled
    ENABLED
    Disabled
    DISABLED
    ENABLED
    ENABLED
    DISABLED
    DISABLED
    "ENABLED"
    ENABLED
    "DISABLED"
    DISABLED

    AutomationRuleSeverityUpdate, AutomationRuleSeverityUpdateArgs

    AutomationRuleSeverityUpdateLabel, AutomationRuleSeverityUpdateLabelArgs

    Informational
    INFORMATIONAL
    Low
    LOW
    Medium
    MEDIUM
    High
    HIGH
    Critical
    CRITICAL
    AutomationRuleSeverityUpdateLabelInformational
    INFORMATIONAL
    AutomationRuleSeverityUpdateLabelLow
    LOW
    AutomationRuleSeverityUpdateLabelMedium
    MEDIUM
    AutomationRuleSeverityUpdateLabelHigh
    HIGH
    AutomationRuleSeverityUpdateLabelCritical
    CRITICAL
    Informational
    INFORMATIONAL
    Low
    LOW
    Medium
    MEDIUM
    High
    HIGH
    Critical
    CRITICAL
    Informational
    INFORMATIONAL
    Low
    LOW
    Medium
    MEDIUM
    High
    HIGH
    Critical
    CRITICAL
    INFORMATIONAL
    INFORMATIONAL
    LOW
    LOW
    MEDIUM
    MEDIUM
    HIGH
    HIGH
    CRITICAL
    CRITICAL
    "INFORMATIONAL"
    INFORMATIONAL
    "LOW"
    LOW
    "MEDIUM"
    MEDIUM
    "HIGH"
    HIGH
    "CRITICAL"
    CRITICAL

    AutomationRuleStringFilter, AutomationRuleStringFilterArgs

    AutomationRuleStringFilterComparison, AutomationRuleStringFilterComparisonArgs

    EqualsValue
    EQUALS
    Prefix
    PREFIX
    NotEquals
    NOT_EQUALS
    PrefixNotEquals
    PREFIX_NOT_EQUALS
    Contains
    CONTAINS
    NotContains
    NOT_CONTAINS
    AutomationRuleStringFilterComparisonEquals
    EQUALS
    AutomationRuleStringFilterComparisonPrefix
    PREFIX
    AutomationRuleStringFilterComparisonNotEquals
    NOT_EQUALS
    AutomationRuleStringFilterComparisonPrefixNotEquals
    PREFIX_NOT_EQUALS
    AutomationRuleStringFilterComparisonContains
    CONTAINS
    AutomationRuleStringFilterComparisonNotContains
    NOT_CONTAINS
    Equals
    EQUALS
    Prefix
    PREFIX
    NotEquals
    NOT_EQUALS
    PrefixNotEquals
    PREFIX_NOT_EQUALS
    Contains
    CONTAINS
    NotContains
    NOT_CONTAINS
    Equals
    EQUALS
    Prefix
    PREFIX
    NotEquals
    NOT_EQUALS
    PrefixNotEquals
    PREFIX_NOT_EQUALS
    Contains
    CONTAINS
    NotContains
    NOT_CONTAINS
    EQUALS
    EQUALS
    PREFIX
    PREFIX
    NOT_EQUALS
    NOT_EQUALS
    PREFIX_NOT_EQUALS
    PREFIX_NOT_EQUALS
    CONTAINS
    CONTAINS
    NOT_CONTAINS
    NOT_CONTAINS
    "EQUALS"
    EQUALS
    "PREFIX"
    PREFIX
    "NOT_EQUALS"
    NOT_EQUALS
    "PREFIX_NOT_EQUALS"
    PREFIX_NOT_EQUALS
    "CONTAINS"
    CONTAINS
    "NOT_CONTAINS"
    NOT_CONTAINS

    AutomationRuleWorkflowUpdate, AutomationRuleWorkflowUpdateArgs

    AutomationRuleWorkflowUpdateStatus, AutomationRuleWorkflowUpdateStatusArgs

    New
    NEW
    Notified
    NOTIFIED
    Resolved
    RESOLVED
    Suppressed
    SUPPRESSED
    AutomationRuleWorkflowUpdateStatusNew
    NEW
    AutomationRuleWorkflowUpdateStatusNotified
    NOTIFIED
    AutomationRuleWorkflowUpdateStatusResolved
    RESOLVED
    AutomationRuleWorkflowUpdateStatusSuppressed
    SUPPRESSED
    New
    NEW
    Notified
    NOTIFIED
    Resolved
    RESOLVED
    Suppressed
    SUPPRESSED
    New
    NEW
    Notified
    NOTIFIED
    Resolved
    RESOLVED
    Suppressed
    SUPPRESSED
    NEW
    NEW
    NOTIFIED
    NOTIFIED
    RESOLVED
    RESOLVED
    SUPPRESSED
    SUPPRESSED
    "NEW"
    NEW
    "NOTIFIED"
    NOTIFIED
    "RESOLVED"
    RESOLVED
    "SUPPRESSED"
    SUPPRESSED

    AutomationRulesAction, AutomationRulesActionArgs

    AutomationRulesActionType, AutomationRulesActionTypeArgs

    FindingFieldsUpdate
    FINDING_FIELDS_UPDATE
    AutomationRulesActionTypeFindingFieldsUpdate
    FINDING_FIELDS_UPDATE
    FindingFieldsUpdate
    FINDING_FIELDS_UPDATE
    FindingFieldsUpdate
    FINDING_FIELDS_UPDATE
    FINDING_FIELDS_UPDATE
    FINDING_FIELDS_UPDATE
    "FINDING_FIELDS_UPDATE"
    FINDING_FIELDS_UPDATE

    AutomationRulesFindingFieldsUpdate, AutomationRulesFindingFieldsUpdateArgs

    Confidence int
    Criticality int
    Note Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleNoteUpdate
    The rule action will update the Note field of a finding.
    RelatedFindings List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleRelatedFinding>
    The rule action will update the RelatedFindings field of a finding.
    Severity Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleSeverityUpdate
    The rule action will update the Severity field of a finding.
    Types List<string>
    UserDefinedFields Dictionary<string, string>
    VerificationState Pulumi.AwsNative.SecurityHub.AutomationRulesFindingFieldsUpdateVerificationState
    Workflow Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleWorkflowUpdate
    The rule action will update the Workflow field of a finding.
    Confidence int
    Criticality int
    Note AutomationRuleNoteUpdate
    The rule action will update the Note field of a finding.
    RelatedFindings []AutomationRuleRelatedFinding
    The rule action will update the RelatedFindings field of a finding.
    Severity AutomationRuleSeverityUpdate
    The rule action will update the Severity field of a finding.
    Types []string
    UserDefinedFields map[string]string
    VerificationState AutomationRulesFindingFieldsUpdateVerificationState
    Workflow AutomationRuleWorkflowUpdate
    The rule action will update the Workflow field of a finding.
    confidence Integer
    criticality Integer
    note AutomationRuleNoteUpdate
    The rule action will update the Note field of a finding.
    relatedFindings List<AutomationRuleRelatedFinding>
    The rule action will update the RelatedFindings field of a finding.
    severity AutomationRuleSeverityUpdate
    The rule action will update the Severity field of a finding.
    types List<String>
    userDefinedFields Map<String,String>
    verificationState AutomationRulesFindingFieldsUpdateVerificationState
    workflow AutomationRuleWorkflowUpdate
    The rule action will update the Workflow field of a finding.
    confidence number
    criticality number
    note AutomationRuleNoteUpdate
    The rule action will update the Note field of a finding.
    relatedFindings AutomationRuleRelatedFinding[]
    The rule action will update the RelatedFindings field of a finding.
    severity AutomationRuleSeverityUpdate
    The rule action will update the Severity field of a finding.
    types string[]
    userDefinedFields {[key: string]: string}
    verificationState AutomationRulesFindingFieldsUpdateVerificationState
    workflow AutomationRuleWorkflowUpdate
    The rule action will update the Workflow field of a finding.
    confidence int
    criticality int
    note AutomationRuleNoteUpdate
    The rule action will update the Note field of a finding.
    related_findings Sequence[AutomationRuleRelatedFinding]
    The rule action will update the RelatedFindings field of a finding.
    severity AutomationRuleSeverityUpdate
    The rule action will update the Severity field of a finding.
    types Sequence[str]
    user_defined_fields Mapping[str, str]
    verification_state AutomationRulesFindingFieldsUpdateVerificationState
    workflow AutomationRuleWorkflowUpdate
    The rule action will update the Workflow field of a finding.
    confidence Number
    criticality Number
    note Property Map
    The rule action will update the Note field of a finding.
    relatedFindings List<Property Map>
    The rule action will update the RelatedFindings field of a finding.
    severity Property Map
    The rule action will update the Severity field of a finding.
    types List<String>
    userDefinedFields Map<String>
    verificationState "UNKNOWN" | "TRUE_POSITIVE" | "FALSE_POSITIVE" | "BENIGN_POSITIVE"
    workflow Property Map
    The rule action will update the Workflow field of a finding.

    AutomationRulesFindingFieldsUpdateVerificationState, AutomationRulesFindingFieldsUpdateVerificationStateArgs

    Unknown
    UNKNOWN
    TruePositive
    TRUE_POSITIVE
    FalsePositive
    FALSE_POSITIVE
    BenignPositive
    BENIGN_POSITIVE
    AutomationRulesFindingFieldsUpdateVerificationStateUnknown
    UNKNOWN
    AutomationRulesFindingFieldsUpdateVerificationStateTruePositive
    TRUE_POSITIVE
    AutomationRulesFindingFieldsUpdateVerificationStateFalsePositive
    FALSE_POSITIVE
    AutomationRulesFindingFieldsUpdateVerificationStateBenignPositive
    BENIGN_POSITIVE
    Unknown
    UNKNOWN
    TruePositive
    TRUE_POSITIVE
    FalsePositive
    FALSE_POSITIVE
    BenignPositive
    BENIGN_POSITIVE
    Unknown
    UNKNOWN
    TruePositive
    TRUE_POSITIVE
    FalsePositive
    FALSE_POSITIVE
    BenignPositive
    BENIGN_POSITIVE
    UNKNOWN
    UNKNOWN
    TRUE_POSITIVE
    TRUE_POSITIVE
    FALSE_POSITIVE
    FALSE_POSITIVE
    BENIGN_POSITIVE
    BENIGN_POSITIVE
    "UNKNOWN"
    UNKNOWN
    "TRUE_POSITIVE"
    TRUE_POSITIVE
    "FALSE_POSITIVE"
    FALSE_POSITIVE
    "BENIGN_POSITIVE"
    BENIGN_POSITIVE

    AutomationRulesFindingFilters, AutomationRulesFindingFiltersArgs

    AwsAccountId List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    CompanyName List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ComplianceAssociatedStandardsId List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ComplianceSecurityControlId List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ComplianceStatus List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    Confidence List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilter>
    CreatedAt List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleDateFilter>
    Criticality List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleNumberFilter>
    Description List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    FirstObservedAt List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleDateFilter>
    GeneratorId List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    Id List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    LastObservedAt List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleDateFilter>
    NoteText List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    NoteUpdatedAt List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleDateFilter>
    NoteUpdatedBy List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ProductArn List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ProductName List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    RecordState List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    RelatedFindingsId List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    RelatedFindingsProductArn List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ResourceDetailsOther List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleMapFilter>
    ResourceId List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ResourcePartition List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ResourceRegion List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    ResourceTags List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleMapFilter>
    ResourceType List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    SeverityLabel List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    SourceUrl List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    Title List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    Type List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    UpdatedAt List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleDateFilter>
    UserDefinedFields List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleMapFilter>
    VerificationState List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    WorkflowStatus List<Pulumi.AwsNative.SecurityHub.Inputs.AutomationRuleStringFilter>
    AwsAccountId []AutomationRuleStringFilter
    CompanyName []AutomationRuleStringFilter
    ComplianceAssociatedStandardsId []AutomationRuleStringFilter
    ComplianceSecurityControlId []AutomationRuleStringFilter
    ComplianceStatus []AutomationRuleStringFilter
    Confidence []AutomationRuleNumberFilter
    CreatedAt []AutomationRuleDateFilter
    Criticality []AutomationRuleNumberFilter
    Description []AutomationRuleStringFilter
    FirstObservedAt []AutomationRuleDateFilter
    GeneratorId []AutomationRuleStringFilter
    Id []AutomationRuleStringFilter
    LastObservedAt []AutomationRuleDateFilter
    NoteText []AutomationRuleStringFilter
    NoteUpdatedAt []AutomationRuleDateFilter
    NoteUpdatedBy []AutomationRuleStringFilter
    ProductArn []AutomationRuleStringFilter
    ProductName []AutomationRuleStringFilter
    RecordState []AutomationRuleStringFilter
    RelatedFindingsId []AutomationRuleStringFilter
    RelatedFindingsProductArn []AutomationRuleStringFilter
    ResourceDetailsOther []AutomationRuleMapFilter
    ResourceId []AutomationRuleStringFilter
    ResourcePartition []AutomationRuleStringFilter
    ResourceRegion []AutomationRuleStringFilter
    ResourceTags []AutomationRuleMapFilter
    ResourceType []AutomationRuleStringFilter
    SeverityLabel []AutomationRuleStringFilter
    SourceUrl []AutomationRuleStringFilter
    Title []AutomationRuleStringFilter
    Type []AutomationRuleStringFilter
    UpdatedAt []AutomationRuleDateFilter
    UserDefinedFields []AutomationRuleMapFilter
    VerificationState []AutomationRuleStringFilter
    WorkflowStatus []AutomationRuleStringFilter
    awsAccountId List<AutomationRuleStringFilter>
    companyName List<AutomationRuleStringFilter>
    complianceAssociatedStandardsId List<AutomationRuleStringFilter>
    complianceSecurityControlId List<AutomationRuleStringFilter>
    complianceStatus List<AutomationRuleStringFilter>
    confidence List<AutomationRuleNumberFilter>
    createdAt List<AutomationRuleDateFilter>
    criticality List<AutomationRuleNumberFilter>
    description List<AutomationRuleStringFilter>
    firstObservedAt List<AutomationRuleDateFilter>
    generatorId List<AutomationRuleStringFilter>
    id List<AutomationRuleStringFilter>
    lastObservedAt List<AutomationRuleDateFilter>
    noteText List<AutomationRuleStringFilter>
    noteUpdatedAt List<AutomationRuleDateFilter>
    noteUpdatedBy List<AutomationRuleStringFilter>
    productArn List<AutomationRuleStringFilter>
    productName List<AutomationRuleStringFilter>
    recordState List<AutomationRuleStringFilter>
    relatedFindingsId List<AutomationRuleStringFilter>
    relatedFindingsProductArn List<AutomationRuleStringFilter>
    resourceDetailsOther List<AutomationRuleMapFilter>
    resourceId List<AutomationRuleStringFilter>
    resourcePartition List<AutomationRuleStringFilter>
    resourceRegion List<AutomationRuleStringFilter>
    resourceTags List<AutomationRuleMapFilter>
    resourceType List<AutomationRuleStringFilter>
    severityLabel List<AutomationRuleStringFilter>
    sourceUrl List<AutomationRuleStringFilter>
    title List<AutomationRuleStringFilter>
    type List<AutomationRuleStringFilter>
    updatedAt List<AutomationRuleDateFilter>
    userDefinedFields List<AutomationRuleMapFilter>
    verificationState List<AutomationRuleStringFilter>
    workflowStatus List<AutomationRuleStringFilter>
    awsAccountId AutomationRuleStringFilter[]
    companyName AutomationRuleStringFilter[]
    complianceAssociatedStandardsId AutomationRuleStringFilter[]
    complianceSecurityControlId AutomationRuleStringFilter[]
    complianceStatus AutomationRuleStringFilter[]
    confidence AutomationRuleNumberFilter[]
    createdAt AutomationRuleDateFilter[]
    criticality AutomationRuleNumberFilter[]
    description AutomationRuleStringFilter[]
    firstObservedAt AutomationRuleDateFilter[]
    generatorId AutomationRuleStringFilter[]
    id AutomationRuleStringFilter[]
    lastObservedAt AutomationRuleDateFilter[]
    noteText AutomationRuleStringFilter[]
    noteUpdatedAt AutomationRuleDateFilter[]
    noteUpdatedBy AutomationRuleStringFilter[]
    productArn AutomationRuleStringFilter[]
    productName AutomationRuleStringFilter[]
    recordState AutomationRuleStringFilter[]
    relatedFindingsId AutomationRuleStringFilter[]
    relatedFindingsProductArn AutomationRuleStringFilter[]
    resourceDetailsOther AutomationRuleMapFilter[]
    resourceId AutomationRuleStringFilter[]
    resourcePartition AutomationRuleStringFilter[]
    resourceRegion AutomationRuleStringFilter[]
    resourceTags AutomationRuleMapFilter[]
    resourceType AutomationRuleStringFilter[]
    severityLabel AutomationRuleStringFilter[]
    sourceUrl AutomationRuleStringFilter[]
    title AutomationRuleStringFilter[]
    type AutomationRuleStringFilter[]
    updatedAt AutomationRuleDateFilter[]
    userDefinedFields AutomationRuleMapFilter[]
    verificationState AutomationRuleStringFilter[]
    workflowStatus AutomationRuleStringFilter[]
    aws_account_id Sequence[AutomationRuleStringFilter]
    company_name Sequence[AutomationRuleStringFilter]
    compliance_associated_standards_id Sequence[AutomationRuleStringFilter]
    compliance_security_control_id Sequence[AutomationRuleStringFilter]
    compliance_status Sequence[AutomationRuleStringFilter]
    confidence Sequence[AutomationRuleNumberFilter]
    created_at Sequence[AutomationRuleDateFilter]
    criticality Sequence[AutomationRuleNumberFilter]
    description Sequence[AutomationRuleStringFilter]
    first_observed_at Sequence[AutomationRuleDateFilter]
    generator_id Sequence[AutomationRuleStringFilter]
    id Sequence[AutomationRuleStringFilter]
    last_observed_at Sequence[AutomationRuleDateFilter]
    note_text Sequence[AutomationRuleStringFilter]
    note_updated_at Sequence[AutomationRuleDateFilter]
    note_updated_by Sequence[AutomationRuleStringFilter]
    product_arn Sequence[AutomationRuleStringFilter]
    product_name Sequence[AutomationRuleStringFilter]
    record_state Sequence[AutomationRuleStringFilter]
    related_findings_id Sequence[AutomationRuleStringFilter]
    related_findings_product_arn Sequence[AutomationRuleStringFilter]
    resource_details_other Sequence[AutomationRuleMapFilter]
    resource_id Sequence[AutomationRuleStringFilter]
    resource_partition Sequence[AutomationRuleStringFilter]
    resource_region Sequence[AutomationRuleStringFilter]
    resource_tags Sequence[AutomationRuleMapFilter]
    resource_type Sequence[AutomationRuleStringFilter]
    severity_label Sequence[AutomationRuleStringFilter]
    source_url Sequence[AutomationRuleStringFilter]
    title Sequence[AutomationRuleStringFilter]
    type Sequence[AutomationRuleStringFilter]
    updated_at Sequence[AutomationRuleDateFilter]
    user_defined_fields Sequence[AutomationRuleMapFilter]
    verification_state Sequence[AutomationRuleStringFilter]
    workflow_status Sequence[AutomationRuleStringFilter]
    awsAccountId List<Property Map>
    companyName List<Property Map>
    complianceAssociatedStandardsId List<Property Map>
    complianceSecurityControlId List<Property Map>
    complianceStatus List<Property Map>
    confidence List<Property Map>
    createdAt List<Property Map>
    criticality List<Property Map>
    description List<Property Map>
    firstObservedAt List<Property Map>
    generatorId List<Property Map>
    id List<Property Map>
    lastObservedAt List<Property Map>
    noteText List<Property Map>
    noteUpdatedAt List<Property Map>
    noteUpdatedBy List<Property Map>
    productArn List<Property Map>
    productName List<Property Map>
    recordState List<Property Map>
    relatedFindingsId List<Property Map>
    relatedFindingsProductArn List<Property Map>
    resourceDetailsOther List<Property Map>
    resourceId List<Property Map>
    resourcePartition List<Property Map>
    resourceRegion List<Property Map>
    resourceTags List<Property Map>
    resourceType List<Property Map>
    severityLabel List<Property Map>
    sourceUrl List<Property Map>
    title List<Property Map>
    type List<Property Map>
    updatedAt List<Property Map>
    userDefinedFields List<Property Map>
    verificationState List<Property Map>
    workflowStatus List<Property Map>

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    AWS Native is in preview. AWS Classic is fully supported.

    AWS Native v0.102.0 published on Tuesday, Apr 16, 2024 by Pulumi