1. Packages
  2. AWS Classic
  3. API Docs
  4. securityhub
  5. Insight

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.40.0 published on Wednesday, Jun 12, 2024 by Pulumi

aws.securityhub.Insight

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.40.0 published on Wednesday, Jun 12, 2024 by Pulumi

    Provides a Security Hub custom insight resource. See the Managing custom insights section of the AWS User Guide for more information.

    Example Usage

    Filter by AWS account ID

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.securityhub.Account("example", {});
    const exampleInsight = new aws.securityhub.Insight("example", {
        filters: {
            awsAccountIds: [
                {
                    comparison: "EQUALS",
                    value: "1234567890",
                },
                {
                    comparison: "EQUALS",
                    value: "09876543210",
                },
            ],
        },
        groupByAttribute: "AwsAccountId",
        name: "example-insight",
    }, {
        dependsOn: [example],
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.securityhub.Account("example")
    example_insight = aws.securityhub.Insight("example",
        filters=aws.securityhub.InsightFiltersArgs(
            aws_account_ids=[
                aws.securityhub.InsightFiltersAwsAccountIdArgs(
                    comparison="EQUALS",
                    value="1234567890",
                ),
                aws.securityhub.InsightFiltersAwsAccountIdArgs(
                    comparison="EQUALS",
                    value="09876543210",
                ),
            ],
        ),
        group_by_attribute="AwsAccountId",
        name="example-insight",
        opts=pulumi.ResourceOptions(depends_on=[example]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := securityhub.NewAccount(ctx, "example", nil)
    		if err != nil {
    			return err
    		}
    		_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
    			Filters: &securityhub.InsightFiltersArgs{
    				AwsAccountIds: securityhub.InsightFiltersAwsAccountIdArray{
    					&securityhub.InsightFiltersAwsAccountIdArgs{
    						Comparison: pulumi.String("EQUALS"),
    						Value:      pulumi.String("1234567890"),
    					},
    					&securityhub.InsightFiltersAwsAccountIdArgs{
    						Comparison: pulumi.String("EQUALS"),
    						Value:      pulumi.String("09876543210"),
    					},
    				},
    			},
    			GroupByAttribute: pulumi.String("AwsAccountId"),
    			Name:             pulumi.String("example-insight"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			example,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.SecurityHub.Account("example");
    
        var exampleInsight = new Aws.SecurityHub.Insight("example", new()
        {
            Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
            {
                AwsAccountIds = new[]
                {
                    new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs
                    {
                        Comparison = "EQUALS",
                        Value = "1234567890",
                    },
                    new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs
                    {
                        Comparison = "EQUALS",
                        Value = "09876543210",
                    },
                },
            },
            GroupByAttribute = "AwsAccountId",
            Name = "example-insight",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                example,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.securityhub.Account;
    import com.pulumi.aws.securityhub.Insight;
    import com.pulumi.aws.securityhub.InsightArgs;
    import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Account("example");
    
            var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
                .filters(InsightFiltersArgs.builder()
                    .awsAccountIds(                
                        InsightFiltersAwsAccountIdArgs.builder()
                            .comparison("EQUALS")
                            .value("1234567890")
                            .build(),
                        InsightFiltersAwsAccountIdArgs.builder()
                            .comparison("EQUALS")
                            .value("09876543210")
                            .build())
                    .build())
                .groupByAttribute("AwsAccountId")
                .name("example-insight")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(example)
                    .build());
    
        }
    }
    
    resources:
      example:
        type: aws:securityhub:Account
      exampleInsight:
        type: aws:securityhub:Insight
        name: example
        properties:
          filters:
            awsAccountIds:
              - comparison: EQUALS
                value: '1234567890'
              - comparison: EQUALS
                value: '09876543210'
          groupByAttribute: AwsAccountId
          name: example-insight
        options:
          dependson:
            - ${example}
    

    Filter by date range

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.securityhub.Account("example", {});
    const exampleInsight = new aws.securityhub.Insight("example", {
        filters: {
            createdAts: [{
                dateRange: {
                    unit: "DAYS",
                    value: 5,
                },
            }],
        },
        groupByAttribute: "CreatedAt",
        name: "example-insight",
    }, {
        dependsOn: [example],
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.securityhub.Account("example")
    example_insight = aws.securityhub.Insight("example",
        filters=aws.securityhub.InsightFiltersArgs(
            created_ats=[aws.securityhub.InsightFiltersCreatedAtArgs(
                date_range=aws.securityhub.InsightFiltersCreatedAtDateRangeArgs(
                    unit="DAYS",
                    value=5,
                ),
            )],
        ),
        group_by_attribute="CreatedAt",
        name="example-insight",
        opts=pulumi.ResourceOptions(depends_on=[example]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := securityhub.NewAccount(ctx, "example", nil)
    		if err != nil {
    			return err
    		}
    		_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
    			Filters: &securityhub.InsightFiltersArgs{
    				CreatedAts: securityhub.InsightFiltersCreatedAtArray{
    					&securityhub.InsightFiltersCreatedAtArgs{
    						DateRange: &securityhub.InsightFiltersCreatedAtDateRangeArgs{
    							Unit:  pulumi.String("DAYS"),
    							Value: pulumi.Int(5),
    						},
    					},
    				},
    			},
    			GroupByAttribute: pulumi.String("CreatedAt"),
    			Name:             pulumi.String("example-insight"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			example,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.SecurityHub.Account("example");
    
        var exampleInsight = new Aws.SecurityHub.Insight("example", new()
        {
            Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
            {
                CreatedAts = new[]
                {
                    new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtArgs
                    {
                        DateRange = new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtDateRangeArgs
                        {
                            Unit = "DAYS",
                            Value = 5,
                        },
                    },
                },
            },
            GroupByAttribute = "CreatedAt",
            Name = "example-insight",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                example,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.securityhub.Account;
    import com.pulumi.aws.securityhub.Insight;
    import com.pulumi.aws.securityhub.InsightArgs;
    import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Account("example");
    
            var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
                .filters(InsightFiltersArgs.builder()
                    .createdAts(InsightFiltersCreatedAtArgs.builder()
                        .dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()
                            .unit("DAYS")
                            .value(5)
                            .build())
                        .build())
                    .build())
                .groupByAttribute("CreatedAt")
                .name("example-insight")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(example)
                    .build());
    
        }
    }
    
    resources:
      example:
        type: aws:securityhub:Account
      exampleInsight:
        type: aws:securityhub:Insight
        name: example
        properties:
          filters:
            createdAts:
              - dateRange:
                  unit: DAYS
                  value: 5
          groupByAttribute: CreatedAt
          name: example-insight
        options:
          dependson:
            - ${example}
    

    Filter by destination IPv4 address

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.securityhub.Account("example", {});
    const exampleInsight = new aws.securityhub.Insight("example", {
        filters: {
            networkDestinationIpv4s: [{
                cidr: "10.0.0.0/16",
            }],
        },
        groupByAttribute: "NetworkDestinationIpV4",
        name: "example-insight",
    }, {
        dependsOn: [example],
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.securityhub.Account("example")
    example_insight = aws.securityhub.Insight("example",
        filters=aws.securityhub.InsightFiltersArgs(
            network_destination_ipv4s=[aws.securityhub.InsightFiltersNetworkDestinationIpv4Args(
                cidr="10.0.0.0/16",
            )],
        ),
        group_by_attribute="NetworkDestinationIpV4",
        name="example-insight",
        opts=pulumi.ResourceOptions(depends_on=[example]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := securityhub.NewAccount(ctx, "example", nil)
    		if err != nil {
    			return err
    		}
    		_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
    			Filters: &securityhub.InsightFiltersArgs{
    				NetworkDestinationIpv4s: securityhub.InsightFiltersNetworkDestinationIpv4Array{
    					&securityhub.InsightFiltersNetworkDestinationIpv4Args{
    						Cidr: pulumi.String("10.0.0.0/16"),
    					},
    				},
    			},
    			GroupByAttribute: pulumi.String("NetworkDestinationIpV4"),
    			Name:             pulumi.String("example-insight"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			example,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.SecurityHub.Account("example");
    
        var exampleInsight = new Aws.SecurityHub.Insight("example", new()
        {
            Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
            {
                NetworkDestinationIpv4s = new[]
                {
                    new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv4Args
                    {
                        Cidr = "10.0.0.0/16",
                    },
                },
            },
            GroupByAttribute = "NetworkDestinationIpV4",
            Name = "example-insight",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                example,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.securityhub.Account;
    import com.pulumi.aws.securityhub.Insight;
    import com.pulumi.aws.securityhub.InsightArgs;
    import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Account("example");
    
            var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
                .filters(InsightFiltersArgs.builder()
                    .networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()
                        .cidr("10.0.0.0/16")
                        .build())
                    .build())
                .groupByAttribute("NetworkDestinationIpV4")
                .name("example-insight")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(example)
                    .build());
    
        }
    }
    
    resources:
      example:
        type: aws:securityhub:Account
      exampleInsight:
        type: aws:securityhub:Insight
        name: example
        properties:
          filters:
            networkDestinationIpv4s:
              - cidr: 10.0.0.0/16
          groupByAttribute: NetworkDestinationIpV4
          name: example-insight
        options:
          dependson:
            - ${example}
    

    Filter by finding’s confidence

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.securityhub.Account("example", {});
    const exampleInsight = new aws.securityhub.Insight("example", {
        filters: {
            confidences: [{
                gte: "80",
            }],
        },
        groupByAttribute: "Confidence",
        name: "example-insight",
    }, {
        dependsOn: [example],
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.securityhub.Account("example")
    example_insight = aws.securityhub.Insight("example",
        filters=aws.securityhub.InsightFiltersArgs(
            confidences=[aws.securityhub.InsightFiltersConfidenceArgs(
                gte="80",
            )],
        ),
        group_by_attribute="Confidence",
        name="example-insight",
        opts=pulumi.ResourceOptions(depends_on=[example]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := securityhub.NewAccount(ctx, "example", nil)
    		if err != nil {
    			return err
    		}
    		_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
    			Filters: &securityhub.InsightFiltersArgs{
    				Confidences: securityhub.InsightFiltersConfidenceArray{
    					&securityhub.InsightFiltersConfidenceArgs{
    						Gte: pulumi.String("80"),
    					},
    				},
    			},
    			GroupByAttribute: pulumi.String("Confidence"),
    			Name:             pulumi.String("example-insight"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			example,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.SecurityHub.Account("example");
    
        var exampleInsight = new Aws.SecurityHub.Insight("example", new()
        {
            Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
            {
                Confidences = new[]
                {
                    new Aws.SecurityHub.Inputs.InsightFiltersConfidenceArgs
                    {
                        Gte = "80",
                    },
                },
            },
            GroupByAttribute = "Confidence",
            Name = "example-insight",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                example,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.securityhub.Account;
    import com.pulumi.aws.securityhub.Insight;
    import com.pulumi.aws.securityhub.InsightArgs;
    import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Account("example");
    
            var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
                .filters(InsightFiltersArgs.builder()
                    .confidences(InsightFiltersConfidenceArgs.builder()
                        .gte("80")
                        .build())
                    .build())
                .groupByAttribute("Confidence")
                .name("example-insight")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(example)
                    .build());
    
        }
    }
    
    resources:
      example:
        type: aws:securityhub:Account
      exampleInsight:
        type: aws:securityhub:Insight
        name: example
        properties:
          filters:
            confidences:
              - gte: '80'
          groupByAttribute: Confidence
          name: example-insight
        options:
          dependson:
            - ${example}
    

    Filter by resource tags

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.securityhub.Account("example", {});
    const exampleInsight = new aws.securityhub.Insight("example", {
        filters: {
            resourceTags: [{
                comparison: "EQUALS",
                key: "Environment",
                value: "Production",
            }],
        },
        groupByAttribute: "ResourceTags",
        name: "example-insight",
    }, {
        dependsOn: [example],
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.securityhub.Account("example")
    example_insight = aws.securityhub.Insight("example",
        filters=aws.securityhub.InsightFiltersArgs(
            resource_tags=[aws.securityhub.InsightFiltersResourceTagArgs(
                comparison="EQUALS",
                key="Environment",
                value="Production",
            )],
        ),
        group_by_attribute="ResourceTags",
        name="example-insight",
        opts=pulumi.ResourceOptions(depends_on=[example]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := securityhub.NewAccount(ctx, "example", nil)
    		if err != nil {
    			return err
    		}
    		_, err = securityhub.NewInsight(ctx, "example", &securityhub.InsightArgs{
    			Filters: &securityhub.InsightFiltersArgs{
    				ResourceTags: securityhub.InsightFiltersResourceTagArray{
    					&securityhub.InsightFiltersResourceTagArgs{
    						Comparison: pulumi.String("EQUALS"),
    						Key:        pulumi.String("Environment"),
    						Value:      pulumi.String("Production"),
    					},
    				},
    			},
    			GroupByAttribute: pulumi.String("ResourceTags"),
    			Name:             pulumi.String("example-insight"),
    		}, pulumi.DependsOn([]pulumi.Resource{
    			example,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.SecurityHub.Account("example");
    
        var exampleInsight = new Aws.SecurityHub.Insight("example", new()
        {
            Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
            {
                ResourceTags = new[]
                {
                    new Aws.SecurityHub.Inputs.InsightFiltersResourceTagArgs
                    {
                        Comparison = "EQUALS",
                        Key = "Environment",
                        Value = "Production",
                    },
                },
            },
            GroupByAttribute = "ResourceTags",
            Name = "example-insight",
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                example,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.securityhub.Account;
    import com.pulumi.aws.securityhub.Insight;
    import com.pulumi.aws.securityhub.InsightArgs;
    import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new Account("example");
    
            var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
                .filters(InsightFiltersArgs.builder()
                    .resourceTags(InsightFiltersResourceTagArgs.builder()
                        .comparison("EQUALS")
                        .key("Environment")
                        .value("Production")
                        .build())
                    .build())
                .groupByAttribute("ResourceTags")
                .name("example-insight")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(example)
                    .build());
    
        }
    }
    
    resources:
      example:
        type: aws:securityhub:Account
      exampleInsight:
        type: aws:securityhub:Insight
        name: example
        properties:
          filters:
            resourceTags:
              - comparison: EQUALS
                key: Environment
                value: Production
          groupByAttribute: ResourceTags
          name: example-insight
        options:
          dependson:
            - ${example}
    

    Create Insight Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Insight(name: string, args: InsightArgs, opts?: CustomResourceOptions);
    @overload
    def Insight(resource_name: str,
                args: InsightArgs,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def Insight(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                filters: Optional[InsightFiltersArgs] = None,
                group_by_attribute: Optional[str] = None,
                name: Optional[str] = None)
    func NewInsight(ctx *Context, name string, args InsightArgs, opts ...ResourceOption) (*Insight, error)
    public Insight(string name, InsightArgs args, CustomResourceOptions? opts = null)
    public Insight(String name, InsightArgs args)
    public Insight(String name, InsightArgs args, CustomResourceOptions options)
    
    type: aws:securityhub:Insight
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args InsightArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args InsightArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args InsightArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args InsightArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args InsightArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var insightResource = new Aws.SecurityHub.Insight("insightResource", new()
    {
        Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
        {
            AwsAccountIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            CompanyNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersCompanyNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ComplianceStatuses = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersComplianceStatusArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Confidences = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersConfidenceArgs
                {
                    Eq = "string",
                    Gte = "string",
                    Lte = "string",
                },
            },
            CreatedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            Criticalities = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersCriticalityArgs
                {
                    Eq = "string",
                    Gte = "string",
                    Lte = "string",
                },
            },
            Descriptions = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersDescriptionArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            FindingProviderFieldsConfidences = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsConfidenceArgs
                {
                    Eq = "string",
                    Gte = "string",
                    Lte = "string",
                },
            },
            FindingProviderFieldsCriticalities = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsCriticalityArgs
                {
                    Eq = "string",
                    Gte = "string",
                    Lte = "string",
                },
            },
            FindingProviderFieldsRelatedFindingsIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsRelatedFindingsIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            FindingProviderFieldsRelatedFindingsProductArns = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            FindingProviderFieldsSeverityLabels = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsSeverityLabelArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            FindingProviderFieldsSeverityOriginals = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsSeverityOriginalArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            FindingProviderFieldsTypes = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersFindingProviderFieldsTypeArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            FirstObservedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersFirstObservedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersFirstObservedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            GeneratorIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersGeneratorIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Ids = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Keywords = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersKeywordArgs
                {
                    Value = "string",
                },
            },
            LastObservedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersLastObservedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersLastObservedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            MalwareNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersMalwareNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            MalwarePaths = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersMalwarePathArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            MalwareStates = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersMalwareStateArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            MalwareTypes = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersMalwareTypeArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            NetworkDestinationDomains = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationDomainArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            NetworkDestinationIpv4s = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv4Args
                {
                    Cidr = "string",
                },
            },
            NetworkDestinationIpv6s = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv6Args
                {
                    Cidr = "string",
                },
            },
            NetworkDestinationPorts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationPortArgs
                {
                    Eq = "string",
                    Gte = "string",
                    Lte = "string",
                },
            },
            NetworkDirections = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkDirectionArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            NetworkProtocols = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkProtocolArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            NetworkSourceDomains = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourceDomainArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            NetworkSourceIpv4s = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourceIpv4Args
                {
                    Cidr = "string",
                },
            },
            NetworkSourceIpv6s = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourceIpv6Args
                {
                    Cidr = "string",
                },
            },
            NetworkSourceMacs = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourceMacArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            NetworkSourcePorts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNetworkSourcePortArgs
                {
                    Eq = "string",
                    Gte = "string",
                    Lte = "string",
                },
            },
            NoteTexts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNoteTextArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            NoteUpdatedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNoteUpdatedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersNoteUpdatedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            NoteUpdatedBies = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersNoteUpdatedByArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ProcessLaunchedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProcessLaunchedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersProcessLaunchedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            ProcessNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProcessNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ProcessParentPids = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProcessParentPidArgs
                {
                    Eq = "string",
                    Gte = "string",
                    Lte = "string",
                },
            },
            ProcessPaths = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProcessPathArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ProcessPids = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProcessPidArgs
                {
                    Eq = "string",
                    Gte = "string",
                    Lte = "string",
                },
            },
            ProcessTerminatedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProcessTerminatedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersProcessTerminatedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            ProductArns = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProductArnArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ProductFields = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProductFieldArgs
                {
                    Comparison = "string",
                    Key = "string",
                    Value = "string",
                },
            },
            ProductNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersProductNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            RecommendationTexts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersRecommendationTextArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            RecordStates = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersRecordStateArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            RelatedFindingsIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersRelatedFindingsIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            RelatedFindingsProductArns = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersRelatedFindingsProductArnArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsEc2InstanceIamInstanceProfileArns = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsEc2InstanceImageIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceImageIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsEc2InstanceIpv4Addresses = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceIpv4AddressArgs
                {
                    Cidr = "string",
                },
            },
            ResourceAwsEc2InstanceIpv6Addresses = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceIpv6AddressArgs
                {
                    Cidr = "string",
                },
            },
            ResourceAwsEc2InstanceKeyNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceKeyNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsEc2InstanceLaunchedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceLaunchedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            ResourceAwsEc2InstanceSubnetIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceSubnetIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsEc2InstanceTypes = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceTypeArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsEc2InstanceVpcIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsEc2InstanceVpcIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsIamAccessKeyCreatedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsIamAccessKeyCreatedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            ResourceAwsIamAccessKeyStatuses = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsIamAccessKeyStatusArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsIamAccessKeyUserNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsIamAccessKeyUserNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsS3BucketOwnerIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsS3BucketOwnerIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceAwsS3BucketOwnerNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceAwsS3BucketOwnerNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceContainerImageIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerImageIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceContainerImageNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerImageNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceContainerLaunchedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerLaunchedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerLaunchedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            ResourceContainerNames = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceContainerNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceDetailsOthers = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceDetailsOtherArgs
                {
                    Comparison = "string",
                    Key = "string",
                    Value = "string",
                },
            },
            ResourceIds = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourcePartitions = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourcePartitionArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceRegions = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceRegionArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceTags = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceTagArgs
                {
                    Comparison = "string",
                    Key = "string",
                    Value = "string",
                },
            },
            ResourceTypes = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersResourceTypeArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            SeverityLabels = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersSeverityLabelArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            SourceUrls = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersSourceUrlArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ThreatIntelIndicatorCategories = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorCategoryArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ThreatIntelIndicatorLastObservedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorLastObservedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorLastObservedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            ThreatIntelIndicatorSourceUrls = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorSourceUrlArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ThreatIntelIndicatorSources = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorSourceArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ThreatIntelIndicatorTypes = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorTypeArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ThreatIntelIndicatorValues = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersThreatIntelIndicatorValueArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Titles = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersTitleArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Types = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersTypeArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            UpdatedAts = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersUpdatedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.InsightFiltersUpdatedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            UserDefinedValues = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersUserDefinedValueArgs
                {
                    Comparison = "string",
                    Key = "string",
                    Value = "string",
                },
            },
            VerificationStates = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersVerificationStateArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            WorkflowStatuses = new[]
            {
                new Aws.SecurityHub.Inputs.InsightFiltersWorkflowStatusArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
        },
        GroupByAttribute = "string",
        Name = "string",
    });
    
    example, err := securityhub.NewInsight(ctx, "insightResource", &securityhub.InsightArgs{
    	Filters: &securityhub.InsightFiltersArgs{
    		AwsAccountIds: securityhub.InsightFiltersAwsAccountIdArray{
    			&securityhub.InsightFiltersAwsAccountIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		CompanyNames: securityhub.InsightFiltersCompanyNameArray{
    			&securityhub.InsightFiltersCompanyNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ComplianceStatuses: securityhub.InsightFiltersComplianceStatusArray{
    			&securityhub.InsightFiltersComplianceStatusArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Confidences: securityhub.InsightFiltersConfidenceArray{
    			&securityhub.InsightFiltersConfidenceArgs{
    				Eq:  pulumi.String("string"),
    				Gte: pulumi.String("string"),
    				Lte: pulumi.String("string"),
    			},
    		},
    		CreatedAts: securityhub.InsightFiltersCreatedAtArray{
    			&securityhub.InsightFiltersCreatedAtArgs{
    				DateRange: &securityhub.InsightFiltersCreatedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		Criticalities: securityhub.InsightFiltersCriticalityArray{
    			&securityhub.InsightFiltersCriticalityArgs{
    				Eq:  pulumi.String("string"),
    				Gte: pulumi.String("string"),
    				Lte: pulumi.String("string"),
    			},
    		},
    		Descriptions: securityhub.InsightFiltersDescriptionArray{
    			&securityhub.InsightFiltersDescriptionArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		FindingProviderFieldsConfidences: securityhub.InsightFiltersFindingProviderFieldsConfidenceArray{
    			&securityhub.InsightFiltersFindingProviderFieldsConfidenceArgs{
    				Eq:  pulumi.String("string"),
    				Gte: pulumi.String("string"),
    				Lte: pulumi.String("string"),
    			},
    		},
    		FindingProviderFieldsCriticalities: securityhub.InsightFiltersFindingProviderFieldsCriticalityArray{
    			&securityhub.InsightFiltersFindingProviderFieldsCriticalityArgs{
    				Eq:  pulumi.String("string"),
    				Gte: pulumi.String("string"),
    				Lte: pulumi.String("string"),
    			},
    		},
    		FindingProviderFieldsRelatedFindingsIds: securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsIdArray{
    			&securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		FindingProviderFieldsRelatedFindingsProductArns: securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArray{
    			&securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		FindingProviderFieldsSeverityLabels: securityhub.InsightFiltersFindingProviderFieldsSeverityLabelArray{
    			&securityhub.InsightFiltersFindingProviderFieldsSeverityLabelArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		FindingProviderFieldsSeverityOriginals: securityhub.InsightFiltersFindingProviderFieldsSeverityOriginalArray{
    			&securityhub.InsightFiltersFindingProviderFieldsSeverityOriginalArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		FindingProviderFieldsTypes: securityhub.InsightFiltersFindingProviderFieldsTypeArray{
    			&securityhub.InsightFiltersFindingProviderFieldsTypeArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		FirstObservedAts: securityhub.InsightFiltersFirstObservedAtArray{
    			&securityhub.InsightFiltersFirstObservedAtArgs{
    				DateRange: &securityhub.InsightFiltersFirstObservedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		GeneratorIds: securityhub.InsightFiltersGeneratorIdArray{
    			&securityhub.InsightFiltersGeneratorIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Ids: securityhub.InsightFiltersIdArray{
    			&securityhub.InsightFiltersIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Keywords: securityhub.InsightFiltersKeywordArray{
    			&securityhub.InsightFiltersKeywordArgs{
    				Value: pulumi.String("string"),
    			},
    		},
    		LastObservedAts: securityhub.InsightFiltersLastObservedAtArray{
    			&securityhub.InsightFiltersLastObservedAtArgs{
    				DateRange: &securityhub.InsightFiltersLastObservedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		MalwareNames: securityhub.InsightFiltersMalwareNameArray{
    			&securityhub.InsightFiltersMalwareNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		MalwarePaths: securityhub.InsightFiltersMalwarePathArray{
    			&securityhub.InsightFiltersMalwarePathArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		MalwareStates: securityhub.InsightFiltersMalwareStateArray{
    			&securityhub.InsightFiltersMalwareStateArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		MalwareTypes: securityhub.InsightFiltersMalwareTypeArray{
    			&securityhub.InsightFiltersMalwareTypeArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		NetworkDestinationDomains: securityhub.InsightFiltersNetworkDestinationDomainArray{
    			&securityhub.InsightFiltersNetworkDestinationDomainArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		NetworkDestinationIpv4s: securityhub.InsightFiltersNetworkDestinationIpv4Array{
    			&securityhub.InsightFiltersNetworkDestinationIpv4Args{
    				Cidr: pulumi.String("string"),
    			},
    		},
    		NetworkDestinationIpv6s: securityhub.InsightFiltersNetworkDestinationIpv6Array{
    			&securityhub.InsightFiltersNetworkDestinationIpv6Args{
    				Cidr: pulumi.String("string"),
    			},
    		},
    		NetworkDestinationPorts: securityhub.InsightFiltersNetworkDestinationPortArray{
    			&securityhub.InsightFiltersNetworkDestinationPortArgs{
    				Eq:  pulumi.String("string"),
    				Gte: pulumi.String("string"),
    				Lte: pulumi.String("string"),
    			},
    		},
    		NetworkDirections: securityhub.InsightFiltersNetworkDirectionArray{
    			&securityhub.InsightFiltersNetworkDirectionArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		NetworkProtocols: securityhub.InsightFiltersNetworkProtocolArray{
    			&securityhub.InsightFiltersNetworkProtocolArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		NetworkSourceDomains: securityhub.InsightFiltersNetworkSourceDomainArray{
    			&securityhub.InsightFiltersNetworkSourceDomainArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		NetworkSourceIpv4s: securityhub.InsightFiltersNetworkSourceIpv4Array{
    			&securityhub.InsightFiltersNetworkSourceIpv4Args{
    				Cidr: pulumi.String("string"),
    			},
    		},
    		NetworkSourceIpv6s: securityhub.InsightFiltersNetworkSourceIpv6Array{
    			&securityhub.InsightFiltersNetworkSourceIpv6Args{
    				Cidr: pulumi.String("string"),
    			},
    		},
    		NetworkSourceMacs: securityhub.InsightFiltersNetworkSourceMacArray{
    			&securityhub.InsightFiltersNetworkSourceMacArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		NetworkSourcePorts: securityhub.InsightFiltersNetworkSourcePortArray{
    			&securityhub.InsightFiltersNetworkSourcePortArgs{
    				Eq:  pulumi.String("string"),
    				Gte: pulumi.String("string"),
    				Lte: pulumi.String("string"),
    			},
    		},
    		NoteTexts: securityhub.InsightFiltersNoteTextArray{
    			&securityhub.InsightFiltersNoteTextArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		NoteUpdatedAts: securityhub.InsightFiltersNoteUpdatedAtArray{
    			&securityhub.InsightFiltersNoteUpdatedAtArgs{
    				DateRange: &securityhub.InsightFiltersNoteUpdatedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		NoteUpdatedBies: securityhub.InsightFiltersNoteUpdatedByArray{
    			&securityhub.InsightFiltersNoteUpdatedByArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ProcessLaunchedAts: securityhub.InsightFiltersProcessLaunchedAtArray{
    			&securityhub.InsightFiltersProcessLaunchedAtArgs{
    				DateRange: &securityhub.InsightFiltersProcessLaunchedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		ProcessNames: securityhub.InsightFiltersProcessNameArray{
    			&securityhub.InsightFiltersProcessNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ProcessParentPids: securityhub.InsightFiltersProcessParentPidArray{
    			&securityhub.InsightFiltersProcessParentPidArgs{
    				Eq:  pulumi.String("string"),
    				Gte: pulumi.String("string"),
    				Lte: pulumi.String("string"),
    			},
    		},
    		ProcessPaths: securityhub.InsightFiltersProcessPathArray{
    			&securityhub.InsightFiltersProcessPathArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ProcessPids: securityhub.InsightFiltersProcessPidArray{
    			&securityhub.InsightFiltersProcessPidArgs{
    				Eq:  pulumi.String("string"),
    				Gte: pulumi.String("string"),
    				Lte: pulumi.String("string"),
    			},
    		},
    		ProcessTerminatedAts: securityhub.InsightFiltersProcessTerminatedAtArray{
    			&securityhub.InsightFiltersProcessTerminatedAtArgs{
    				DateRange: &securityhub.InsightFiltersProcessTerminatedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		ProductArns: securityhub.InsightFiltersProductArnArray{
    			&securityhub.InsightFiltersProductArnArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ProductFields: securityhub.InsightFiltersProductFieldArray{
    			&securityhub.InsightFiltersProductFieldArgs{
    				Comparison: pulumi.String("string"),
    				Key:        pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ProductNames: securityhub.InsightFiltersProductNameArray{
    			&securityhub.InsightFiltersProductNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		RecommendationTexts: securityhub.InsightFiltersRecommendationTextArray{
    			&securityhub.InsightFiltersRecommendationTextArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		RecordStates: securityhub.InsightFiltersRecordStateArray{
    			&securityhub.InsightFiltersRecordStateArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		RelatedFindingsIds: securityhub.InsightFiltersRelatedFindingsIdArray{
    			&securityhub.InsightFiltersRelatedFindingsIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		RelatedFindingsProductArns: securityhub.InsightFiltersRelatedFindingsProductArnArray{
    			&securityhub.InsightFiltersRelatedFindingsProductArnArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceIamInstanceProfileArns: securityhub.InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceImageIds: securityhub.InsightFiltersResourceAwsEc2InstanceImageIdArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceImageIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceIpv4Addresses: securityhub.InsightFiltersResourceAwsEc2InstanceIpv4AddressArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceIpv4AddressArgs{
    				Cidr: pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceIpv6Addresses: securityhub.InsightFiltersResourceAwsEc2InstanceIpv6AddressArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceIpv6AddressArgs{
    				Cidr: pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceKeyNames: securityhub.InsightFiltersResourceAwsEc2InstanceKeyNameArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceKeyNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceLaunchedAts: securityhub.InsightFiltersResourceAwsEc2InstanceLaunchedAtArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceLaunchedAtArgs{
    				DateRange: &securityhub.InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceSubnetIds: securityhub.InsightFiltersResourceAwsEc2InstanceSubnetIdArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceSubnetIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceTypes: securityhub.InsightFiltersResourceAwsEc2InstanceTypeArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceTypeArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsEc2InstanceVpcIds: securityhub.InsightFiltersResourceAwsEc2InstanceVpcIdArray{
    			&securityhub.InsightFiltersResourceAwsEc2InstanceVpcIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsIamAccessKeyCreatedAts: securityhub.InsightFiltersResourceAwsIamAccessKeyCreatedAtArray{
    			&securityhub.InsightFiltersResourceAwsIamAccessKeyCreatedAtArgs{
    				DateRange: &securityhub.InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		ResourceAwsIamAccessKeyStatuses: securityhub.InsightFiltersResourceAwsIamAccessKeyStatusArray{
    			&securityhub.InsightFiltersResourceAwsIamAccessKeyStatusArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsIamAccessKeyUserNames: securityhub.InsightFiltersResourceAwsIamAccessKeyUserNameArray{
    			&securityhub.InsightFiltersResourceAwsIamAccessKeyUserNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsS3BucketOwnerIds: securityhub.InsightFiltersResourceAwsS3BucketOwnerIdArray{
    			&securityhub.InsightFiltersResourceAwsS3BucketOwnerIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceAwsS3BucketOwnerNames: securityhub.InsightFiltersResourceAwsS3BucketOwnerNameArray{
    			&securityhub.InsightFiltersResourceAwsS3BucketOwnerNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceContainerImageIds: securityhub.InsightFiltersResourceContainerImageIdArray{
    			&securityhub.InsightFiltersResourceContainerImageIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceContainerImageNames: securityhub.InsightFiltersResourceContainerImageNameArray{
    			&securityhub.InsightFiltersResourceContainerImageNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceContainerLaunchedAts: securityhub.InsightFiltersResourceContainerLaunchedAtArray{
    			&securityhub.InsightFiltersResourceContainerLaunchedAtArgs{
    				DateRange: &securityhub.InsightFiltersResourceContainerLaunchedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		ResourceContainerNames: securityhub.InsightFiltersResourceContainerNameArray{
    			&securityhub.InsightFiltersResourceContainerNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceDetailsOthers: securityhub.InsightFiltersResourceDetailsOtherArray{
    			&securityhub.InsightFiltersResourceDetailsOtherArgs{
    				Comparison: pulumi.String("string"),
    				Key:        pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceIds: securityhub.InsightFiltersResourceIdArray{
    			&securityhub.InsightFiltersResourceIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourcePartitions: securityhub.InsightFiltersResourcePartitionArray{
    			&securityhub.InsightFiltersResourcePartitionArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceRegions: securityhub.InsightFiltersResourceRegionArray{
    			&securityhub.InsightFiltersResourceRegionArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceTags: securityhub.InsightFiltersResourceTagArray{
    			&securityhub.InsightFiltersResourceTagArgs{
    				Comparison: pulumi.String("string"),
    				Key:        pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceTypes: securityhub.InsightFiltersResourceTypeArray{
    			&securityhub.InsightFiltersResourceTypeArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		SeverityLabels: securityhub.InsightFiltersSeverityLabelArray{
    			&securityhub.InsightFiltersSeverityLabelArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		SourceUrls: securityhub.InsightFiltersSourceUrlArray{
    			&securityhub.InsightFiltersSourceUrlArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ThreatIntelIndicatorCategories: securityhub.InsightFiltersThreatIntelIndicatorCategoryArray{
    			&securityhub.InsightFiltersThreatIntelIndicatorCategoryArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ThreatIntelIndicatorLastObservedAts: securityhub.InsightFiltersThreatIntelIndicatorLastObservedAtArray{
    			&securityhub.InsightFiltersThreatIntelIndicatorLastObservedAtArgs{
    				DateRange: &securityhub.InsightFiltersThreatIntelIndicatorLastObservedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		ThreatIntelIndicatorSourceUrls: securityhub.InsightFiltersThreatIntelIndicatorSourceUrlArray{
    			&securityhub.InsightFiltersThreatIntelIndicatorSourceUrlArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ThreatIntelIndicatorSources: securityhub.InsightFiltersThreatIntelIndicatorSourceArray{
    			&securityhub.InsightFiltersThreatIntelIndicatorSourceArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ThreatIntelIndicatorTypes: securityhub.InsightFiltersThreatIntelIndicatorTypeArray{
    			&securityhub.InsightFiltersThreatIntelIndicatorTypeArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ThreatIntelIndicatorValues: securityhub.InsightFiltersThreatIntelIndicatorValueArray{
    			&securityhub.InsightFiltersThreatIntelIndicatorValueArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Titles: securityhub.InsightFiltersTitleArray{
    			&securityhub.InsightFiltersTitleArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Types: securityhub.InsightFiltersTypeArray{
    			&securityhub.InsightFiltersTypeArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		UpdatedAts: securityhub.InsightFiltersUpdatedAtArray{
    			&securityhub.InsightFiltersUpdatedAtArgs{
    				DateRange: &securityhub.InsightFiltersUpdatedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		UserDefinedValues: securityhub.InsightFiltersUserDefinedValueArray{
    			&securityhub.InsightFiltersUserDefinedValueArgs{
    				Comparison: pulumi.String("string"),
    				Key:        pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		VerificationStates: securityhub.InsightFiltersVerificationStateArray{
    			&securityhub.InsightFiltersVerificationStateArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		WorkflowStatuses: securityhub.InsightFiltersWorkflowStatusArray{
    			&securityhub.InsightFiltersWorkflowStatusArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    	},
    	GroupByAttribute: pulumi.String("string"),
    	Name:             pulumi.String("string"),
    })
    
    var insightResource = new Insight("insightResource", InsightArgs.builder()
        .filters(InsightFiltersArgs.builder()
            .awsAccountIds(InsightFiltersAwsAccountIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .companyNames(InsightFiltersCompanyNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .complianceStatuses(InsightFiltersComplianceStatusArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .confidences(InsightFiltersConfidenceArgs.builder()
                .eq("string")
                .gte("string")
                .lte("string")
                .build())
            .createdAts(InsightFiltersCreatedAtArgs.builder()
                .dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .criticalities(InsightFiltersCriticalityArgs.builder()
                .eq("string")
                .gte("string")
                .lte("string")
                .build())
            .descriptions(InsightFiltersDescriptionArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .findingProviderFieldsConfidences(InsightFiltersFindingProviderFieldsConfidenceArgs.builder()
                .eq("string")
                .gte("string")
                .lte("string")
                .build())
            .findingProviderFieldsCriticalities(InsightFiltersFindingProviderFieldsCriticalityArgs.builder()
                .eq("string")
                .gte("string")
                .lte("string")
                .build())
            .findingProviderFieldsRelatedFindingsIds(InsightFiltersFindingProviderFieldsRelatedFindingsIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .findingProviderFieldsRelatedFindingsProductArns(InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .findingProviderFieldsSeverityLabels(InsightFiltersFindingProviderFieldsSeverityLabelArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .findingProviderFieldsSeverityOriginals(InsightFiltersFindingProviderFieldsSeverityOriginalArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .findingProviderFieldsTypes(InsightFiltersFindingProviderFieldsTypeArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .firstObservedAts(InsightFiltersFirstObservedAtArgs.builder()
                .dateRange(InsightFiltersFirstObservedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .generatorIds(InsightFiltersGeneratorIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .ids(InsightFiltersIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .keywords(InsightFiltersKeywordArgs.builder()
                .value("string")
                .build())
            .lastObservedAts(InsightFiltersLastObservedAtArgs.builder()
                .dateRange(InsightFiltersLastObservedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .malwareNames(InsightFiltersMalwareNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .malwarePaths(InsightFiltersMalwarePathArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .malwareStates(InsightFiltersMalwareStateArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .malwareTypes(InsightFiltersMalwareTypeArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .networkDestinationDomains(InsightFiltersNetworkDestinationDomainArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()
                .cidr("string")
                .build())
            .networkDestinationIpv6s(InsightFiltersNetworkDestinationIpv6Args.builder()
                .cidr("string")
                .build())
            .networkDestinationPorts(InsightFiltersNetworkDestinationPortArgs.builder()
                .eq("string")
                .gte("string")
                .lte("string")
                .build())
            .networkDirections(InsightFiltersNetworkDirectionArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .networkProtocols(InsightFiltersNetworkProtocolArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .networkSourceDomains(InsightFiltersNetworkSourceDomainArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .networkSourceIpv4s(InsightFiltersNetworkSourceIpv4Args.builder()
                .cidr("string")
                .build())
            .networkSourceIpv6s(InsightFiltersNetworkSourceIpv6Args.builder()
                .cidr("string")
                .build())
            .networkSourceMacs(InsightFiltersNetworkSourceMacArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .networkSourcePorts(InsightFiltersNetworkSourcePortArgs.builder()
                .eq("string")
                .gte("string")
                .lte("string")
                .build())
            .noteTexts(InsightFiltersNoteTextArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .noteUpdatedAts(InsightFiltersNoteUpdatedAtArgs.builder()
                .dateRange(InsightFiltersNoteUpdatedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .noteUpdatedBies(InsightFiltersNoteUpdatedByArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .processLaunchedAts(InsightFiltersProcessLaunchedAtArgs.builder()
                .dateRange(InsightFiltersProcessLaunchedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .processNames(InsightFiltersProcessNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .processParentPids(InsightFiltersProcessParentPidArgs.builder()
                .eq("string")
                .gte("string")
                .lte("string")
                .build())
            .processPaths(InsightFiltersProcessPathArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .processPids(InsightFiltersProcessPidArgs.builder()
                .eq("string")
                .gte("string")
                .lte("string")
                .build())
            .processTerminatedAts(InsightFiltersProcessTerminatedAtArgs.builder()
                .dateRange(InsightFiltersProcessTerminatedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .productArns(InsightFiltersProductArnArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .productFields(InsightFiltersProductFieldArgs.builder()
                .comparison("string")
                .key("string")
                .value("string")
                .build())
            .productNames(InsightFiltersProductNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .recommendationTexts(InsightFiltersRecommendationTextArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .recordStates(InsightFiltersRecordStateArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .relatedFindingsIds(InsightFiltersRelatedFindingsIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .relatedFindingsProductArns(InsightFiltersRelatedFindingsProductArnArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsEc2InstanceIamInstanceProfileArns(InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsEc2InstanceImageIds(InsightFiltersResourceAwsEc2InstanceImageIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsEc2InstanceIpv4Addresses(InsightFiltersResourceAwsEc2InstanceIpv4AddressArgs.builder()
                .cidr("string")
                .build())
            .resourceAwsEc2InstanceIpv6Addresses(InsightFiltersResourceAwsEc2InstanceIpv6AddressArgs.builder()
                .cidr("string")
                .build())
            .resourceAwsEc2InstanceKeyNames(InsightFiltersResourceAwsEc2InstanceKeyNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsEc2InstanceLaunchedAts(InsightFiltersResourceAwsEc2InstanceLaunchedAtArgs.builder()
                .dateRange(InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .resourceAwsEc2InstanceSubnetIds(InsightFiltersResourceAwsEc2InstanceSubnetIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsEc2InstanceTypes(InsightFiltersResourceAwsEc2InstanceTypeArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsEc2InstanceVpcIds(InsightFiltersResourceAwsEc2InstanceVpcIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsIamAccessKeyCreatedAts(InsightFiltersResourceAwsIamAccessKeyCreatedAtArgs.builder()
                .dateRange(InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .resourceAwsIamAccessKeyStatuses(InsightFiltersResourceAwsIamAccessKeyStatusArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsIamAccessKeyUserNames(InsightFiltersResourceAwsIamAccessKeyUserNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsS3BucketOwnerIds(InsightFiltersResourceAwsS3BucketOwnerIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceAwsS3BucketOwnerNames(InsightFiltersResourceAwsS3BucketOwnerNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceContainerImageIds(InsightFiltersResourceContainerImageIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceContainerImageNames(InsightFiltersResourceContainerImageNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceContainerLaunchedAts(InsightFiltersResourceContainerLaunchedAtArgs.builder()
                .dateRange(InsightFiltersResourceContainerLaunchedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .resourceContainerNames(InsightFiltersResourceContainerNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceDetailsOthers(InsightFiltersResourceDetailsOtherArgs.builder()
                .comparison("string")
                .key("string")
                .value("string")
                .build())
            .resourceIds(InsightFiltersResourceIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourcePartitions(InsightFiltersResourcePartitionArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceRegions(InsightFiltersResourceRegionArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceTags(InsightFiltersResourceTagArgs.builder()
                .comparison("string")
                .key("string")
                .value("string")
                .build())
            .resourceTypes(InsightFiltersResourceTypeArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .severityLabels(InsightFiltersSeverityLabelArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .sourceUrls(InsightFiltersSourceUrlArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .threatIntelIndicatorCategories(InsightFiltersThreatIntelIndicatorCategoryArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .threatIntelIndicatorLastObservedAts(InsightFiltersThreatIntelIndicatorLastObservedAtArgs.builder()
                .dateRange(InsightFiltersThreatIntelIndicatorLastObservedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .threatIntelIndicatorSourceUrls(InsightFiltersThreatIntelIndicatorSourceUrlArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .threatIntelIndicatorSources(InsightFiltersThreatIntelIndicatorSourceArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .threatIntelIndicatorTypes(InsightFiltersThreatIntelIndicatorTypeArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .threatIntelIndicatorValues(InsightFiltersThreatIntelIndicatorValueArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .titles(InsightFiltersTitleArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .types(InsightFiltersTypeArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .updatedAts(InsightFiltersUpdatedAtArgs.builder()
                .dateRange(InsightFiltersUpdatedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .userDefinedValues(InsightFiltersUserDefinedValueArgs.builder()
                .comparison("string")
                .key("string")
                .value("string")
                .build())
            .verificationStates(InsightFiltersVerificationStateArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .workflowStatuses(InsightFiltersWorkflowStatusArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .build())
        .groupByAttribute("string")
        .name("string")
        .build());
    
    insight_resource = aws.securityhub.Insight("insightResource",
        filters=aws.securityhub.InsightFiltersArgs(
            aws_account_ids=[aws.securityhub.InsightFiltersAwsAccountIdArgs(
                comparison="string",
                value="string",
            )],
            company_names=[aws.securityhub.InsightFiltersCompanyNameArgs(
                comparison="string",
                value="string",
            )],
            compliance_statuses=[aws.securityhub.InsightFiltersComplianceStatusArgs(
                comparison="string",
                value="string",
            )],
            confidences=[aws.securityhub.InsightFiltersConfidenceArgs(
                eq="string",
                gte="string",
                lte="string",
            )],
            created_ats=[aws.securityhub.InsightFiltersCreatedAtArgs(
                date_range=aws.securityhub.InsightFiltersCreatedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            criticalities=[aws.securityhub.InsightFiltersCriticalityArgs(
                eq="string",
                gte="string",
                lte="string",
            )],
            descriptions=[aws.securityhub.InsightFiltersDescriptionArgs(
                comparison="string",
                value="string",
            )],
            finding_provider_fields_confidences=[aws.securityhub.InsightFiltersFindingProviderFieldsConfidenceArgs(
                eq="string",
                gte="string",
                lte="string",
            )],
            finding_provider_fields_criticalities=[aws.securityhub.InsightFiltersFindingProviderFieldsCriticalityArgs(
                eq="string",
                gte="string",
                lte="string",
            )],
            finding_provider_fields_related_findings_ids=[aws.securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsIdArgs(
                comparison="string",
                value="string",
            )],
            finding_provider_fields_related_findings_product_arns=[aws.securityhub.InsightFiltersFindingProviderFieldsRelatedFindingsProductArnArgs(
                comparison="string",
                value="string",
            )],
            finding_provider_fields_severity_labels=[aws.securityhub.InsightFiltersFindingProviderFieldsSeverityLabelArgs(
                comparison="string",
                value="string",
            )],
            finding_provider_fields_severity_originals=[aws.securityhub.InsightFiltersFindingProviderFieldsSeverityOriginalArgs(
                comparison="string",
                value="string",
            )],
            finding_provider_fields_types=[aws.securityhub.InsightFiltersFindingProviderFieldsTypeArgs(
                comparison="string",
                value="string",
            )],
            first_observed_ats=[aws.securityhub.InsightFiltersFirstObservedAtArgs(
                date_range=aws.securityhub.InsightFiltersFirstObservedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            generator_ids=[aws.securityhub.InsightFiltersGeneratorIdArgs(
                comparison="string",
                value="string",
            )],
            ids=[aws.securityhub.InsightFiltersIdArgs(
                comparison="string",
                value="string",
            )],
            keywords=[aws.securityhub.InsightFiltersKeywordArgs(
                value="string",
            )],
            last_observed_ats=[aws.securityhub.InsightFiltersLastObservedAtArgs(
                date_range=aws.securityhub.InsightFiltersLastObservedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            malware_names=[aws.securityhub.InsightFiltersMalwareNameArgs(
                comparison="string",
                value="string",
            )],
            malware_paths=[aws.securityhub.InsightFiltersMalwarePathArgs(
                comparison="string",
                value="string",
            )],
            malware_states=[aws.securityhub.InsightFiltersMalwareStateArgs(
                comparison="string",
                value="string",
            )],
            malware_types=[aws.securityhub.InsightFiltersMalwareTypeArgs(
                comparison="string",
                value="string",
            )],
            network_destination_domains=[aws.securityhub.InsightFiltersNetworkDestinationDomainArgs(
                comparison="string",
                value="string",
            )],
            network_destination_ipv4s=[aws.securityhub.InsightFiltersNetworkDestinationIpv4Args(
                cidr="string",
            )],
            network_destination_ipv6s=[aws.securityhub.InsightFiltersNetworkDestinationIpv6Args(
                cidr="string",
            )],
            network_destination_ports=[aws.securityhub.InsightFiltersNetworkDestinationPortArgs(
                eq="string",
                gte="string",
                lte="string",
            )],
            network_directions=[aws.securityhub.InsightFiltersNetworkDirectionArgs(
                comparison="string",
                value="string",
            )],
            network_protocols=[aws.securityhub.InsightFiltersNetworkProtocolArgs(
                comparison="string",
                value="string",
            )],
            network_source_domains=[aws.securityhub.InsightFiltersNetworkSourceDomainArgs(
                comparison="string",
                value="string",
            )],
            network_source_ipv4s=[aws.securityhub.InsightFiltersNetworkSourceIpv4Args(
                cidr="string",
            )],
            network_source_ipv6s=[aws.securityhub.InsightFiltersNetworkSourceIpv6Args(
                cidr="string",
            )],
            network_source_macs=[aws.securityhub.InsightFiltersNetworkSourceMacArgs(
                comparison="string",
                value="string",
            )],
            network_source_ports=[aws.securityhub.InsightFiltersNetworkSourcePortArgs(
                eq="string",
                gte="string",
                lte="string",
            )],
            note_texts=[aws.securityhub.InsightFiltersNoteTextArgs(
                comparison="string",
                value="string",
            )],
            note_updated_ats=[aws.securityhub.InsightFiltersNoteUpdatedAtArgs(
                date_range=aws.securityhub.InsightFiltersNoteUpdatedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            note_updated_bies=[aws.securityhub.InsightFiltersNoteUpdatedByArgs(
                comparison="string",
                value="string",
            )],
            process_launched_ats=[aws.securityhub.InsightFiltersProcessLaunchedAtArgs(
                date_range=aws.securityhub.InsightFiltersProcessLaunchedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            process_names=[aws.securityhub.InsightFiltersProcessNameArgs(
                comparison="string",
                value="string",
            )],
            process_parent_pids=[aws.securityhub.InsightFiltersProcessParentPidArgs(
                eq="string",
                gte="string",
                lte="string",
            )],
            process_paths=[aws.securityhub.InsightFiltersProcessPathArgs(
                comparison="string",
                value="string",
            )],
            process_pids=[aws.securityhub.InsightFiltersProcessPidArgs(
                eq="string",
                gte="string",
                lte="string",
            )],
            process_terminated_ats=[aws.securityhub.InsightFiltersProcessTerminatedAtArgs(
                date_range=aws.securityhub.InsightFiltersProcessTerminatedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            product_arns=[aws.securityhub.InsightFiltersProductArnArgs(
                comparison="string",
                value="string",
            )],
            product_fields=[aws.securityhub.InsightFiltersProductFieldArgs(
                comparison="string",
                key="string",
                value="string",
            )],
            product_names=[aws.securityhub.InsightFiltersProductNameArgs(
                comparison="string",
                value="string",
            )],
            recommendation_texts=[aws.securityhub.InsightFiltersRecommendationTextArgs(
                comparison="string",
                value="string",
            )],
            record_states=[aws.securityhub.InsightFiltersRecordStateArgs(
                comparison="string",
                value="string",
            )],
            related_findings_ids=[aws.securityhub.InsightFiltersRelatedFindingsIdArgs(
                comparison="string",
                value="string",
            )],
            related_findings_product_arns=[aws.securityhub.InsightFiltersRelatedFindingsProductArnArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_ec2_instance_iam_instance_profile_arns=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArnArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_ec2_instance_image_ids=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceImageIdArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_ec2_instance_ipv4_addresses=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceIpv4AddressArgs(
                cidr="string",
            )],
            resource_aws_ec2_instance_ipv6_addresses=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceIpv6AddressArgs(
                cidr="string",
            )],
            resource_aws_ec2_instance_key_names=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceKeyNameArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_ec2_instance_launched_ats=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceLaunchedAtArgs(
                date_range=aws.securityhub.InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            resource_aws_ec2_instance_subnet_ids=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceSubnetIdArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_ec2_instance_types=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceTypeArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_ec2_instance_vpc_ids=[aws.securityhub.InsightFiltersResourceAwsEc2InstanceVpcIdArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_iam_access_key_created_ats=[aws.securityhub.InsightFiltersResourceAwsIamAccessKeyCreatedAtArgs(
                date_range=aws.securityhub.InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            resource_aws_iam_access_key_statuses=[aws.securityhub.InsightFiltersResourceAwsIamAccessKeyStatusArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_iam_access_key_user_names=[aws.securityhub.InsightFiltersResourceAwsIamAccessKeyUserNameArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_s3_bucket_owner_ids=[aws.securityhub.InsightFiltersResourceAwsS3BucketOwnerIdArgs(
                comparison="string",
                value="string",
            )],
            resource_aws_s3_bucket_owner_names=[aws.securityhub.InsightFiltersResourceAwsS3BucketOwnerNameArgs(
                comparison="string",
                value="string",
            )],
            resource_container_image_ids=[aws.securityhub.InsightFiltersResourceContainerImageIdArgs(
                comparison="string",
                value="string",
            )],
            resource_container_image_names=[aws.securityhub.InsightFiltersResourceContainerImageNameArgs(
                comparison="string",
                value="string",
            )],
            resource_container_launched_ats=[aws.securityhub.InsightFiltersResourceContainerLaunchedAtArgs(
                date_range=aws.securityhub.InsightFiltersResourceContainerLaunchedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            resource_container_names=[aws.securityhub.InsightFiltersResourceContainerNameArgs(
                comparison="string",
                value="string",
            )],
            resource_details_others=[aws.securityhub.InsightFiltersResourceDetailsOtherArgs(
                comparison="string",
                key="string",
                value="string",
            )],
            resource_ids=[aws.securityhub.InsightFiltersResourceIdArgs(
                comparison="string",
                value="string",
            )],
            resource_partitions=[aws.securityhub.InsightFiltersResourcePartitionArgs(
                comparison="string",
                value="string",
            )],
            resource_regions=[aws.securityhub.InsightFiltersResourceRegionArgs(
                comparison="string",
                value="string",
            )],
            resource_tags=[aws.securityhub.InsightFiltersResourceTagArgs(
                comparison="string",
                key="string",
                value="string",
            )],
            resource_types=[aws.securityhub.InsightFiltersResourceTypeArgs(
                comparison="string",
                value="string",
            )],
            severity_labels=[aws.securityhub.InsightFiltersSeverityLabelArgs(
                comparison="string",
                value="string",
            )],
            source_urls=[aws.securityhub.InsightFiltersSourceUrlArgs(
                comparison="string",
                value="string",
            )],
            threat_intel_indicator_categories=[aws.securityhub.InsightFiltersThreatIntelIndicatorCategoryArgs(
                comparison="string",
                value="string",
            )],
            threat_intel_indicator_last_observed_ats=[aws.securityhub.InsightFiltersThreatIntelIndicatorLastObservedAtArgs(
                date_range=aws.securityhub.InsightFiltersThreatIntelIndicatorLastObservedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            threat_intel_indicator_source_urls=[aws.securityhub.InsightFiltersThreatIntelIndicatorSourceUrlArgs(
                comparison="string",
                value="string",
            )],
            threat_intel_indicator_sources=[aws.securityhub.InsightFiltersThreatIntelIndicatorSourceArgs(
                comparison="string",
                value="string",
            )],
            threat_intel_indicator_types=[aws.securityhub.InsightFiltersThreatIntelIndicatorTypeArgs(
                comparison="string",
                value="string",
            )],
            threat_intel_indicator_values=[aws.securityhub.InsightFiltersThreatIntelIndicatorValueArgs(
                comparison="string",
                value="string",
            )],
            titles=[aws.securityhub.InsightFiltersTitleArgs(
                comparison="string",
                value="string",
            )],
            types=[aws.securityhub.InsightFiltersTypeArgs(
                comparison="string",
                value="string",
            )],
            updated_ats=[aws.securityhub.InsightFiltersUpdatedAtArgs(
                date_range=aws.securityhub.InsightFiltersUpdatedAtDateRangeArgs(
                    unit="string",
                    value=0,
                ),
                end="string",
                start="string",
            )],
            user_defined_values=[aws.securityhub.InsightFiltersUserDefinedValueArgs(
                comparison="string",
                key="string",
                value="string",
            )],
            verification_states=[aws.securityhub.InsightFiltersVerificationStateArgs(
                comparison="string",
                value="string",
            )],
            workflow_statuses=[aws.securityhub.InsightFiltersWorkflowStatusArgs(
                comparison="string",
                value="string",
            )],
        ),
        group_by_attribute="string",
        name="string")
    
    const insightResource = new aws.securityhub.Insight("insightResource", {
        filters: {
            awsAccountIds: [{
                comparison: "string",
                value: "string",
            }],
            companyNames: [{
                comparison: "string",
                value: "string",
            }],
            complianceStatuses: [{
                comparison: "string",
                value: "string",
            }],
            confidences: [{
                eq: "string",
                gte: "string",
                lte: "string",
            }],
            createdAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            criticalities: [{
                eq: "string",
                gte: "string",
                lte: "string",
            }],
            descriptions: [{
                comparison: "string",
                value: "string",
            }],
            findingProviderFieldsConfidences: [{
                eq: "string",
                gte: "string",
                lte: "string",
            }],
            findingProviderFieldsCriticalities: [{
                eq: "string",
                gte: "string",
                lte: "string",
            }],
            findingProviderFieldsRelatedFindingsIds: [{
                comparison: "string",
                value: "string",
            }],
            findingProviderFieldsRelatedFindingsProductArns: [{
                comparison: "string",
                value: "string",
            }],
            findingProviderFieldsSeverityLabels: [{
                comparison: "string",
                value: "string",
            }],
            findingProviderFieldsSeverityOriginals: [{
                comparison: "string",
                value: "string",
            }],
            findingProviderFieldsTypes: [{
                comparison: "string",
                value: "string",
            }],
            firstObservedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            generatorIds: [{
                comparison: "string",
                value: "string",
            }],
            ids: [{
                comparison: "string",
                value: "string",
            }],
            keywords: [{
                value: "string",
            }],
            lastObservedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            malwareNames: [{
                comparison: "string",
                value: "string",
            }],
            malwarePaths: [{
                comparison: "string",
                value: "string",
            }],
            malwareStates: [{
                comparison: "string",
                value: "string",
            }],
            malwareTypes: [{
                comparison: "string",
                value: "string",
            }],
            networkDestinationDomains: [{
                comparison: "string",
                value: "string",
            }],
            networkDestinationIpv4s: [{
                cidr: "string",
            }],
            networkDestinationIpv6s: [{
                cidr: "string",
            }],
            networkDestinationPorts: [{
                eq: "string",
                gte: "string",
                lte: "string",
            }],
            networkDirections: [{
                comparison: "string",
                value: "string",
            }],
            networkProtocols: [{
                comparison: "string",
                value: "string",
            }],
            networkSourceDomains: [{
                comparison: "string",
                value: "string",
            }],
            networkSourceIpv4s: [{
                cidr: "string",
            }],
            networkSourceIpv6s: [{
                cidr: "string",
            }],
            networkSourceMacs: [{
                comparison: "string",
                value: "string",
            }],
            networkSourcePorts: [{
                eq: "string",
                gte: "string",
                lte: "string",
            }],
            noteTexts: [{
                comparison: "string",
                value: "string",
            }],
            noteUpdatedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            noteUpdatedBies: [{
                comparison: "string",
                value: "string",
            }],
            processLaunchedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            processNames: [{
                comparison: "string",
                value: "string",
            }],
            processParentPids: [{
                eq: "string",
                gte: "string",
                lte: "string",
            }],
            processPaths: [{
                comparison: "string",
                value: "string",
            }],
            processPids: [{
                eq: "string",
                gte: "string",
                lte: "string",
            }],
            processTerminatedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            productArns: [{
                comparison: "string",
                value: "string",
            }],
            productFields: [{
                comparison: "string",
                key: "string",
                value: "string",
            }],
            productNames: [{
                comparison: "string",
                value: "string",
            }],
            recommendationTexts: [{
                comparison: "string",
                value: "string",
            }],
            recordStates: [{
                comparison: "string",
                value: "string",
            }],
            relatedFindingsIds: [{
                comparison: "string",
                value: "string",
            }],
            relatedFindingsProductArns: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsEc2InstanceIamInstanceProfileArns: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsEc2InstanceImageIds: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsEc2InstanceIpv4Addresses: [{
                cidr: "string",
            }],
            resourceAwsEc2InstanceIpv6Addresses: [{
                cidr: "string",
            }],
            resourceAwsEc2InstanceKeyNames: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsEc2InstanceLaunchedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            resourceAwsEc2InstanceSubnetIds: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsEc2InstanceTypes: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsEc2InstanceVpcIds: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsIamAccessKeyCreatedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            resourceAwsIamAccessKeyStatuses: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsIamAccessKeyUserNames: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsS3BucketOwnerIds: [{
                comparison: "string",
                value: "string",
            }],
            resourceAwsS3BucketOwnerNames: [{
                comparison: "string",
                value: "string",
            }],
            resourceContainerImageIds: [{
                comparison: "string",
                value: "string",
            }],
            resourceContainerImageNames: [{
                comparison: "string",
                value: "string",
            }],
            resourceContainerLaunchedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            resourceContainerNames: [{
                comparison: "string",
                value: "string",
            }],
            resourceDetailsOthers: [{
                comparison: "string",
                key: "string",
                value: "string",
            }],
            resourceIds: [{
                comparison: "string",
                value: "string",
            }],
            resourcePartitions: [{
                comparison: "string",
                value: "string",
            }],
            resourceRegions: [{
                comparison: "string",
                value: "string",
            }],
            resourceTags: [{
                comparison: "string",
                key: "string",
                value: "string",
            }],
            resourceTypes: [{
                comparison: "string",
                value: "string",
            }],
            severityLabels: [{
                comparison: "string",
                value: "string",
            }],
            sourceUrls: [{
                comparison: "string",
                value: "string",
            }],
            threatIntelIndicatorCategories: [{
                comparison: "string",
                value: "string",
            }],
            threatIntelIndicatorLastObservedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            threatIntelIndicatorSourceUrls: [{
                comparison: "string",
                value: "string",
            }],
            threatIntelIndicatorSources: [{
                comparison: "string",
                value: "string",
            }],
            threatIntelIndicatorTypes: [{
                comparison: "string",
                value: "string",
            }],
            threatIntelIndicatorValues: [{
                comparison: "string",
                value: "string",
            }],
            titles: [{
                comparison: "string",
                value: "string",
            }],
            types: [{
                comparison: "string",
                value: "string",
            }],
            updatedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            userDefinedValues: [{
                comparison: "string",
                key: "string",
                value: "string",
            }],
            verificationStates: [{
                comparison: "string",
                value: "string",
            }],
            workflowStatuses: [{
                comparison: "string",
                value: "string",
            }],
        },
        groupByAttribute: "string",
        name: "string",
    });
    
    type: aws:securityhub:Insight
    properties:
        filters:
            awsAccountIds:
                - comparison: string
                  value: string
            companyNames:
                - comparison: string
                  value: string
            complianceStatuses:
                - comparison: string
                  value: string
            confidences:
                - eq: string
                  gte: string
                  lte: string
            createdAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            criticalities:
                - eq: string
                  gte: string
                  lte: string
            descriptions:
                - comparison: string
                  value: string
            findingProviderFieldsConfidences:
                - eq: string
                  gte: string
                  lte: string
            findingProviderFieldsCriticalities:
                - eq: string
                  gte: string
                  lte: string
            findingProviderFieldsRelatedFindingsIds:
                - comparison: string
                  value: string
            findingProviderFieldsRelatedFindingsProductArns:
                - comparison: string
                  value: string
            findingProviderFieldsSeverityLabels:
                - comparison: string
                  value: string
            findingProviderFieldsSeverityOriginals:
                - comparison: string
                  value: string
            findingProviderFieldsTypes:
                - comparison: string
                  value: string
            firstObservedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            generatorIds:
                - comparison: string
                  value: string
            ids:
                - comparison: string
                  value: string
            keywords:
                - value: string
            lastObservedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            malwareNames:
                - comparison: string
                  value: string
            malwarePaths:
                - comparison: string
                  value: string
            malwareStates:
                - comparison: string
                  value: string
            malwareTypes:
                - comparison: string
                  value: string
            networkDestinationDomains:
                - comparison: string
                  value: string
            networkDestinationIpv4s:
                - cidr: string
            networkDestinationIpv6s:
                - cidr: string
            networkDestinationPorts:
                - eq: string
                  gte: string
                  lte: string
            networkDirections:
                - comparison: string
                  value: string
            networkProtocols:
                - comparison: string
                  value: string
            networkSourceDomains:
                - comparison: string
                  value: string
            networkSourceIpv4s:
                - cidr: string
            networkSourceIpv6s:
                - cidr: string
            networkSourceMacs:
                - comparison: string
                  value: string
            networkSourcePorts:
                - eq: string
                  gte: string
                  lte: string
            noteTexts:
                - comparison: string
                  value: string
            noteUpdatedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            noteUpdatedBies:
                - comparison: string
                  value: string
            processLaunchedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            processNames:
                - comparison: string
                  value: string
            processParentPids:
                - eq: string
                  gte: string
                  lte: string
            processPaths:
                - comparison: string
                  value: string
            processPids:
                - eq: string
                  gte: string
                  lte: string
            processTerminatedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            productArns:
                - comparison: string
                  value: string
            productFields:
                - comparison: string
                  key: string
                  value: string
            productNames:
                - comparison: string
                  value: string
            recommendationTexts:
                - comparison: string
                  value: string
            recordStates:
                - comparison: string
                  value: string
            relatedFindingsIds:
                - comparison: string
                  value: string
            relatedFindingsProductArns:
                - comparison: string
                  value: string
            resourceAwsEc2InstanceIamInstanceProfileArns:
                - comparison: string
                  value: string
            resourceAwsEc2InstanceImageIds:
                - comparison: string
                  value: string
            resourceAwsEc2InstanceIpv4Addresses:
                - cidr: string
            resourceAwsEc2InstanceIpv6Addresses:
                - cidr: string
            resourceAwsEc2InstanceKeyNames:
                - comparison: string
                  value: string
            resourceAwsEc2InstanceLaunchedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            resourceAwsEc2InstanceSubnetIds:
                - comparison: string
                  value: string
            resourceAwsEc2InstanceTypes:
                - comparison: string
                  value: string
            resourceAwsEc2InstanceVpcIds:
                - comparison: string
                  value: string
            resourceAwsIamAccessKeyCreatedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            resourceAwsIamAccessKeyStatuses:
                - comparison: string
                  value: string
            resourceAwsIamAccessKeyUserNames:
                - comparison: string
                  value: string
            resourceAwsS3BucketOwnerIds:
                - comparison: string
                  value: string
            resourceAwsS3BucketOwnerNames:
                - comparison: string
                  value: string
            resourceContainerImageIds:
                - comparison: string
                  value: string
            resourceContainerImageNames:
                - comparison: string
                  value: string
            resourceContainerLaunchedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            resourceContainerNames:
                - comparison: string
                  value: string
            resourceDetailsOthers:
                - comparison: string
                  key: string
                  value: string
            resourceIds:
                - comparison: string
                  value: string
            resourcePartitions:
                - comparison: string
                  value: string
            resourceRegions:
                - comparison: string
                  value: string
            resourceTags:
                - comparison: string
                  key: string
                  value: string
            resourceTypes:
                - comparison: string
                  value: string
            severityLabels:
                - comparison: string
                  value: string
            sourceUrls:
                - comparison: string
                  value: string
            threatIntelIndicatorCategories:
                - comparison: string
                  value: string
            threatIntelIndicatorLastObservedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            threatIntelIndicatorSourceUrls:
                - comparison: string
                  value: string
            threatIntelIndicatorSources:
                - comparison: string
                  value: string
            threatIntelIndicatorTypes:
                - comparison: string
                  value: string
            threatIntelIndicatorValues:
                - comparison: string
                  value: string
            titles:
                - comparison: string
                  value: string
            types:
                - comparison: string
                  value: string
            updatedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            userDefinedValues:
                - comparison: string
                  key: string
                  value: string
            verificationStates:
                - comparison: string
                  value: string
            workflowStatuses:
                - comparison: string
                  value: string
        groupByAttribute: string
        name: string
    

    Insight Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Insight resource accepts the following input properties:

    Filters InsightFilters
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    GroupByAttribute string
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    Name string
    The name of the custom insight.
    Filters InsightFiltersArgs
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    GroupByAttribute string
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    Name string
    The name of the custom insight.
    filters InsightFilters
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    groupByAttribute String
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    name String
    The name of the custom insight.
    filters InsightFilters
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    groupByAttribute string
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    name string
    The name of the custom insight.
    filters InsightFiltersArgs
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    group_by_attribute str
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    name str
    The name of the custom insight.
    filters Property Map
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    groupByAttribute String
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    name String
    The name of the custom insight.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Insight resource produces the following output properties:

    Arn string
    ARN of the insight.
    Id string
    The provider-assigned unique ID for this managed resource.
    Arn string
    ARN of the insight.
    Id string
    The provider-assigned unique ID for this managed resource.
    arn String
    ARN of the insight.
    id String
    The provider-assigned unique ID for this managed resource.
    arn string
    ARN of the insight.
    id string
    The provider-assigned unique ID for this managed resource.
    arn str
    ARN of the insight.
    id str
    The provider-assigned unique ID for this managed resource.
    arn String
    ARN of the insight.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Insight Resource

    Get an existing Insight resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: InsightState, opts?: CustomResourceOptions): Insight
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            filters: Optional[InsightFiltersArgs] = None,
            group_by_attribute: Optional[str] = None,
            name: Optional[str] = None) -> Insight
    func GetInsight(ctx *Context, name string, id IDInput, state *InsightState, opts ...ResourceOption) (*Insight, error)
    public static Insight Get(string name, Input<string> id, InsightState? state, CustomResourceOptions? opts = null)
    public static Insight get(String name, Output<String> id, InsightState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string
    ARN of the insight.
    Filters InsightFilters
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    GroupByAttribute string
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    Name string
    The name of the custom insight.
    Arn string
    ARN of the insight.
    Filters InsightFiltersArgs
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    GroupByAttribute string
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    Name string
    The name of the custom insight.
    arn String
    ARN of the insight.
    filters InsightFilters
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    groupByAttribute String
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    name String
    The name of the custom insight.
    arn string
    ARN of the insight.
    filters InsightFilters
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    groupByAttribute string
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    name string
    The name of the custom insight.
    arn str
    ARN of the insight.
    filters InsightFiltersArgs
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    group_by_attribute str
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    name str
    The name of the custom insight.
    arn String
    ARN of the insight.
    filters Property Map
    A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
    groupByAttribute String
    The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.
    name String
    The name of the custom insight.

    Supporting Types

    InsightFilters, InsightFiltersArgs

    AwsAccountIds List<InsightFiltersAwsAccountId>
    AWS account ID that a finding is generated in. See String_Filter below for more details.
    CompanyNames List<InsightFiltersCompanyName>
    The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
    ComplianceStatuses List<InsightFiltersComplianceStatus>
    Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
    Confidences List<InsightFiltersConfidence>
    A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    CreatedAts List<InsightFiltersCreatedAt>
    An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
    Criticalities List<InsightFiltersCriticality>
    The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    Descriptions List<InsightFiltersDescription>
    A finding's description. See String Filter below for more details.
    FindingProviderFieldsConfidences List<InsightFiltersFindingProviderFieldsConfidence>
    The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    FindingProviderFieldsCriticalities List<InsightFiltersFindingProviderFieldsCriticality>
    The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    FindingProviderFieldsRelatedFindingsIds List<InsightFiltersFindingProviderFieldsRelatedFindingsId>
    The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
    FindingProviderFieldsRelatedFindingsProductArns List<InsightFiltersFindingProviderFieldsRelatedFindingsProductArn>
    The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
    FindingProviderFieldsSeverityLabels List<InsightFiltersFindingProviderFieldsSeverityLabel>
    The finding provider value for the severity label. See String Filter below for more details.
    FindingProviderFieldsSeverityOriginals List<InsightFiltersFindingProviderFieldsSeverityOriginal>
    The finding provider's original value for the severity. See String Filter below for more details.
    FindingProviderFieldsTypes List<InsightFiltersFindingProviderFieldsType>
    One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier that classify a finding. Valid namespace values include: Software and Configuration Checks, TTPs, Effects, Unusual Behaviors, and Sensitive Data Identifications. See String Filter below for more details.
    FirstObservedAts List<InsightFiltersFirstObservedAt>
    An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
    GeneratorIds List<InsightFiltersGeneratorId>
    The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
    Ids List<InsightFiltersId>
    The security findings provider-specific identifier for a finding. See String Filter below for more details.
    Keywords List<InsightFiltersKeyword>
    A keyword for a finding. See Keyword Filter below for more details.
    LastObservedAts List<InsightFiltersLastObservedAt>
    An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
    MalwareNames List<InsightFiltersMalwareName>
    The name of the malware that was observed. See String Filter below for more details.
    MalwarePaths List<InsightFiltersMalwarePath>
    The filesystem path of the malware that was observed. See String Filter below for more details.
    MalwareStates List<InsightFiltersMalwareState>
    The state of the malware that was observed. See String Filter below for more details.
    MalwareTypes List<InsightFiltersMalwareType>
    The type of the malware that was observed. See String Filter below for more details.
    NetworkDestinationDomains List<InsightFiltersNetworkDestinationDomain>
    The destination domain of network-related information about a finding. See String Filter below for more details.
    NetworkDestinationIpv4s List<InsightFiltersNetworkDestinationIpv4>
    The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    NetworkDestinationIpv6s List<InsightFiltersNetworkDestinationIpv6>
    The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    NetworkDestinationPorts List<InsightFiltersNetworkDestinationPort>
    The destination port of network-related information about a finding. See Number Filter below for more details.
    NetworkDirections List<InsightFiltersNetworkDirection>
    Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
    NetworkProtocols List<InsightFiltersNetworkProtocol>
    The protocol of network-related information about a finding. See String Filter below for more details.
    NetworkSourceDomains List<InsightFiltersNetworkSourceDomain>
    The source domain of network-related information about a finding. See String Filter below for more details.
    NetworkSourceIpv4s List<InsightFiltersNetworkSourceIpv4>
    The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    NetworkSourceIpv6s List<InsightFiltersNetworkSourceIpv6>
    The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    NetworkSourceMacs List<InsightFiltersNetworkSourceMac>
    The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
    NetworkSourcePorts List<InsightFiltersNetworkSourcePort>
    The source port of network-related information about a finding. See Number Filter below for more details.
    NoteTexts List<InsightFiltersNoteText>
    The text of a note. See String Filter below for more details.
    NoteUpdatedAts List<InsightFiltersNoteUpdatedAt>
    The timestamp of when the note was updated. See Date Filter below for more details.
    NoteUpdatedBies List<InsightFiltersNoteUpdatedBy>
    The principal that created a note. See String Filter below for more details.
    ProcessLaunchedAts List<InsightFiltersProcessLaunchedAt>
    The date/time that the process was launched. See Date Filter below for more details.
    ProcessNames List<InsightFiltersProcessName>
    The name of the process. See String Filter below for more details.
    ProcessParentPids List<InsightFiltersProcessParentPid>
    The parent process ID. See Number Filter below for more details.
    ProcessPaths List<InsightFiltersProcessPath>
    The path to the process executable. See String Filter below for more details.
    ProcessPids List<InsightFiltersProcessPid>
    The process ID. See Number Filter below for more details.
    ProcessTerminatedAts List<InsightFiltersProcessTerminatedAt>
    The date/time that the process was terminated. See Date Filter below for more details.
    ProductArns List<InsightFiltersProductArn>
    The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
    ProductFields List<InsightFiltersProductField>
    A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format. See Map Filter below for more details.
    ProductNames List<InsightFiltersProductName>
    The name of the solution (product) that generates findings. See String Filter below for more details.
    RecommendationTexts List<InsightFiltersRecommendationText>
    The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
    RecordStates List<InsightFiltersRecordState>
    The updated record state for the finding. See String Filter below for more details.
    RelatedFindingsIds List<InsightFiltersRelatedFindingsId>
    The solution-generated identifier for a related finding. See String Filter below for more details.
    RelatedFindingsProductArns List<InsightFiltersRelatedFindingsProductArn>
    The ARN of the solution that generated a related finding. See String Filter below for more details.
    ResourceAwsEc2InstanceIamInstanceProfileArns List<InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn>
    The IAM profile ARN of the instance. See String Filter below for more details.
    ResourceAwsEc2InstanceImageIds List<InsightFiltersResourceAwsEc2InstanceImageId>
    The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
    ResourceAwsEc2InstanceIpv4Addresses List<InsightFiltersResourceAwsEc2InstanceIpv4Address>
    The IPv4 addresses associated with the instance. See Ip Filter below for more details.
    ResourceAwsEc2InstanceIpv6Addresses List<InsightFiltersResourceAwsEc2InstanceIpv6Address>
    The IPv6 addresses associated with the instance. See Ip Filter below for more details.
    ResourceAwsEc2InstanceKeyNames List<InsightFiltersResourceAwsEc2InstanceKeyName>
    The key name associated with the instance. See String Filter below for more details.
    ResourceAwsEc2InstanceLaunchedAts List<InsightFiltersResourceAwsEc2InstanceLaunchedAt>
    The date and time the instance was launched. See Date Filter below for more details.
    ResourceAwsEc2InstanceSubnetIds List<InsightFiltersResourceAwsEc2InstanceSubnetId>
    The identifier of the subnet that the instance was launched in. See String Filter below for more details.
    ResourceAwsEc2InstanceTypes List<InsightFiltersResourceAwsEc2InstanceType>
    The instance type of the instance. See String Filter below for more details.
    ResourceAwsEc2InstanceVpcIds List<InsightFiltersResourceAwsEc2InstanceVpcId>
    The identifier of the VPC that the instance was launched in. See String Filter below for more details.
    ResourceAwsIamAccessKeyCreatedAts List<InsightFiltersResourceAwsIamAccessKeyCreatedAt>
    The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
    ResourceAwsIamAccessKeyStatuses List<InsightFiltersResourceAwsIamAccessKeyStatus>
    The status of the IAM access key related to a finding. See String Filter below for more details.
    ResourceAwsIamAccessKeyUserNames List<InsightFiltersResourceAwsIamAccessKeyUserName>
    The user associated with the IAM access key related to a finding. See String Filter below for more details.
    ResourceAwsS3BucketOwnerIds List<InsightFiltersResourceAwsS3BucketOwnerId>
    The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
    ResourceAwsS3BucketOwnerNames List<InsightFiltersResourceAwsS3BucketOwnerName>
    The display name of the owner of the S3 bucket. See String Filter below for more details.
    ResourceContainerImageIds List<InsightFiltersResourceContainerImageId>
    The identifier of the image related to a finding. See String Filter below for more details.
    ResourceContainerImageNames List<InsightFiltersResourceContainerImageName>
    The name of the image related to a finding. See String Filter below for more details.
    ResourceContainerLaunchedAts List<InsightFiltersResourceContainerLaunchedAt>
    The date/time that the container was started. See Date Filter below for more details.
    ResourceContainerNames List<InsightFiltersResourceContainerName>
    The name of the container related to a finding. See String Filter below for more details.
    ResourceDetailsOthers List<InsightFiltersResourceDetailsOther>
    The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
    ResourceIds List<InsightFiltersResourceId>
    The canonical identifier for the given resource type. See String Filter below for more details.
    ResourcePartitions List<InsightFiltersResourcePartition>
    The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
    ResourceRegions List<InsightFiltersResourceRegion>
    The canonical AWS external Region name where this resource is located. See String Filter below for more details.
    ResourceTags List<InsightFiltersResourceTag>
    A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
    ResourceTypes List<InsightFiltersResourceType>
    Specifies the type of the resource that details are provided for. See String Filter below for more details.
    SeverityLabels List<InsightFiltersSeverityLabel>
    The label of a finding's severity. See String Filter below for more details.
    SourceUrls List<InsightFiltersSourceUrl>
    A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
    ThreatIntelIndicatorCategories List<InsightFiltersThreatIntelIndicatorCategory>
    The category of a threat intelligence indicator. See String Filter below for more details.
    ThreatIntelIndicatorLastObservedAts List<InsightFiltersThreatIntelIndicatorLastObservedAt>
    The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
    ThreatIntelIndicatorSourceUrls List<InsightFiltersThreatIntelIndicatorSourceUrl>
    The URL for more details from the source of the threat intelligence. See String Filter below for more details.
    ThreatIntelIndicatorSources List<InsightFiltersThreatIntelIndicatorSource>
    The source of the threat intelligence. See String Filter below for more details.
    ThreatIntelIndicatorTypes List<InsightFiltersThreatIntelIndicatorType>
    The type of a threat intelligence indicator. See String Filter below for more details.
    ThreatIntelIndicatorValues List<InsightFiltersThreatIntelIndicatorValue>
    The value of a threat intelligence indicator. See String Filter below for more details.
    Titles List<InsightFiltersTitle>
    A finding's title. See String Filter below for more details.
    Types List<InsightFiltersType>
    A finding type in the format of namespace/category/classifier that classifies a finding. See String Filter below for more details.
    UpdatedAts List<InsightFiltersUpdatedAt>
    An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
    UserDefinedValues List<InsightFiltersUserDefinedValue>
    A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
    VerificationStates List<InsightFiltersVerificationState>
    The veracity of a finding. See String Filter below for more details.
    WorkflowStatuses List<InsightFiltersWorkflowStatus>
    The status of the investigation into a finding. See Workflow Status Filter below for more details.
    AwsAccountIds []InsightFiltersAwsAccountId
    AWS account ID that a finding is generated in. See String_Filter below for more details.
    CompanyNames []InsightFiltersCompanyName
    The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
    ComplianceStatuses []InsightFiltersComplianceStatus
    Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
    Confidences []InsightFiltersConfidence
    A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    CreatedAts []InsightFiltersCreatedAt
    An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
    Criticalities []InsightFiltersCriticality
    The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    Descriptions []InsightFiltersDescription
    A finding's description. See String Filter below for more details.
    FindingProviderFieldsConfidences []InsightFiltersFindingProviderFieldsConfidence
    The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    FindingProviderFieldsCriticalities []InsightFiltersFindingProviderFieldsCriticality
    The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    FindingProviderFieldsRelatedFindingsIds []InsightFiltersFindingProviderFieldsRelatedFindingsId
    The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
    FindingProviderFieldsRelatedFindingsProductArns []InsightFiltersFindingProviderFieldsRelatedFindingsProductArn
    The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
    FindingProviderFieldsSeverityLabels []InsightFiltersFindingProviderFieldsSeverityLabel
    The finding provider value for the severity label. See String Filter below for more details.
    FindingProviderFieldsSeverityOriginals []InsightFiltersFindingProviderFieldsSeverityOriginal
    The finding provider's original value for the severity. See String Filter below for more details.
    FindingProviderFieldsTypes []InsightFiltersFindingProviderFieldsType
    One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier that classify a finding. Valid namespace values include: Software and Configuration Checks, TTPs, Effects, Unusual Behaviors, and Sensitive Data Identifications. See String Filter below for more details.
    FirstObservedAts []InsightFiltersFirstObservedAt
    An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
    GeneratorIds []InsightFiltersGeneratorId
    The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
    Ids []InsightFiltersId
    The security findings provider-specific identifier for a finding. See String Filter below for more details.
    Keywords []InsightFiltersKeyword
    A keyword for a finding. See Keyword Filter below for more details.
    LastObservedAts []InsightFiltersLastObservedAt
    An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
    MalwareNames []InsightFiltersMalwareName
    The name of the malware that was observed. See String Filter below for more details.
    MalwarePaths []InsightFiltersMalwarePath
    The filesystem path of the malware that was observed. See String Filter below for more details.
    MalwareStates []InsightFiltersMalwareState
    The state of the malware that was observed. See String Filter below for more details.
    MalwareTypes []InsightFiltersMalwareType
    The type of the malware that was observed. See String Filter below for more details.
    NetworkDestinationDomains []InsightFiltersNetworkDestinationDomain
    The destination domain of network-related information about a finding. See String Filter below for more details.
    NetworkDestinationIpv4s []InsightFiltersNetworkDestinationIpv4
    The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    NetworkDestinationIpv6s []InsightFiltersNetworkDestinationIpv6
    The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    NetworkDestinationPorts []InsightFiltersNetworkDestinationPort
    The destination port of network-related information about a finding. See Number Filter below for more details.
    NetworkDirections []InsightFiltersNetworkDirection
    Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
    NetworkProtocols []InsightFiltersNetworkProtocol
    The protocol of network-related information about a finding. See String Filter below for more details.
    NetworkSourceDomains []InsightFiltersNetworkSourceDomain
    The source domain of network-related information about a finding. See String Filter below for more details.
    NetworkSourceIpv4s []InsightFiltersNetworkSourceIpv4
    The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    NetworkSourceIpv6s []InsightFiltersNetworkSourceIpv6
    The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    NetworkSourceMacs []InsightFiltersNetworkSourceMac
    The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
    NetworkSourcePorts []InsightFiltersNetworkSourcePort
    The source port of network-related information about a finding. See Number Filter below for more details.
    NoteTexts []InsightFiltersNoteText
    The text of a note. See String Filter below for more details.
    NoteUpdatedAts []InsightFiltersNoteUpdatedAt
    The timestamp of when the note was updated. See Date Filter below for more details.
    NoteUpdatedBies []InsightFiltersNoteUpdatedBy
    The principal that created a note. See String Filter below for more details.
    ProcessLaunchedAts []InsightFiltersProcessLaunchedAt
    The date/time that the process was launched. See Date Filter below for more details.
    ProcessNames []InsightFiltersProcessName
    The name of the process. See String Filter below for more details.
    ProcessParentPids []InsightFiltersProcessParentPid
    The parent process ID. See Number Filter below for more details.
    ProcessPaths []InsightFiltersProcessPath
    The path to the process executable. See String Filter below for more details.
    ProcessPids []InsightFiltersProcessPid
    The process ID. See Number Filter below for more details.
    ProcessTerminatedAts []InsightFiltersProcessTerminatedAt
    The date/time that the process was terminated. See Date Filter below for more details.
    ProductArns []InsightFiltersProductArn
    The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
    ProductFields []InsightFiltersProductField
    A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format. See Map Filter below for more details.
    ProductNames []InsightFiltersProductName
    The name of the solution (product) that generates findings. See String Filter below for more details.
    RecommendationTexts []InsightFiltersRecommendationText
    The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
    RecordStates []InsightFiltersRecordState
    The updated record state for the finding. See String Filter below for more details.
    RelatedFindingsIds []InsightFiltersRelatedFindingsId
    The solution-generated identifier for a related finding. See String Filter below for more details.
    RelatedFindingsProductArns []InsightFiltersRelatedFindingsProductArn
    The ARN of the solution that generated a related finding. See String Filter below for more details.
    ResourceAwsEc2InstanceIamInstanceProfileArns []InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn
    The IAM profile ARN of the instance. See String Filter below for more details.
    ResourceAwsEc2InstanceImageIds []InsightFiltersResourceAwsEc2InstanceImageId
    The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
    ResourceAwsEc2InstanceIpv4Addresses []InsightFiltersResourceAwsEc2InstanceIpv4Address
    The IPv4 addresses associated with the instance. See Ip Filter below for more details.
    ResourceAwsEc2InstanceIpv6Addresses []InsightFiltersResourceAwsEc2InstanceIpv6Address
    The IPv6 addresses associated with the instance. See Ip Filter below for more details.
    ResourceAwsEc2InstanceKeyNames []InsightFiltersResourceAwsEc2InstanceKeyName
    The key name associated with the instance. See String Filter below for more details.
    ResourceAwsEc2InstanceLaunchedAts []InsightFiltersResourceAwsEc2InstanceLaunchedAt
    The date and time the instance was launched. See Date Filter below for more details.
    ResourceAwsEc2InstanceSubnetIds []InsightFiltersResourceAwsEc2InstanceSubnetId
    The identifier of the subnet that the instance was launched in. See String Filter below for more details.
    ResourceAwsEc2InstanceTypes []InsightFiltersResourceAwsEc2InstanceType
    The instance type of the instance. See String Filter below for more details.
    ResourceAwsEc2InstanceVpcIds []InsightFiltersResourceAwsEc2InstanceVpcId
    The identifier of the VPC that the instance was launched in. See String Filter below for more details.
    ResourceAwsIamAccessKeyCreatedAts []InsightFiltersResourceAwsIamAccessKeyCreatedAt
    The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
    ResourceAwsIamAccessKeyStatuses []InsightFiltersResourceAwsIamAccessKeyStatus
    The status of the IAM access key related to a finding. See String Filter below for more details.
    ResourceAwsIamAccessKeyUserNames []InsightFiltersResourceAwsIamAccessKeyUserName
    The user associated with the IAM access key related to a finding. See String Filter below for more details.
    ResourceAwsS3BucketOwnerIds []InsightFiltersResourceAwsS3BucketOwnerId
    The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
    ResourceAwsS3BucketOwnerNames []InsightFiltersResourceAwsS3BucketOwnerName
    The display name of the owner of the S3 bucket. See String Filter below for more details.
    ResourceContainerImageIds []InsightFiltersResourceContainerImageId
    The identifier of the image related to a finding. See String Filter below for more details.
    ResourceContainerImageNames []InsightFiltersResourceContainerImageName
    The name of the image related to a finding. See String Filter below for more details.
    ResourceContainerLaunchedAts []InsightFiltersResourceContainerLaunchedAt
    The date/time that the container was started. See Date Filter below for more details.
    ResourceContainerNames []InsightFiltersResourceContainerName
    The name of the container related to a finding. See String Filter below for more details.
    ResourceDetailsOthers []InsightFiltersResourceDetailsOther
    The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
    ResourceIds []InsightFiltersResourceId
    The canonical identifier for the given resource type. See String Filter below for more details.
    ResourcePartitions []InsightFiltersResourcePartition
    The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
    ResourceRegions []InsightFiltersResourceRegion
    The canonical AWS external Region name where this resource is located. See String Filter below for more details.
    ResourceTags []InsightFiltersResourceTag
    A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
    ResourceTypes []InsightFiltersResourceType
    Specifies the type of the resource that details are provided for. See String Filter below for more details.
    SeverityLabels []InsightFiltersSeverityLabel
    The label of a finding's severity. See String Filter below for more details.
    SourceUrls []InsightFiltersSourceUrl
    A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
    ThreatIntelIndicatorCategories []InsightFiltersThreatIntelIndicatorCategory
    The category of a threat intelligence indicator. See String Filter below for more details.
    ThreatIntelIndicatorLastObservedAts []InsightFiltersThreatIntelIndicatorLastObservedAt
    The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
    ThreatIntelIndicatorSourceUrls []InsightFiltersThreatIntelIndicatorSourceUrl
    The URL for more details from the source of the threat intelligence. See String Filter below for more details.
    ThreatIntelIndicatorSources []InsightFiltersThreatIntelIndicatorSource
    The source of the threat intelligence. See String Filter below for more details.
    ThreatIntelIndicatorTypes []InsightFiltersThreatIntelIndicatorType
    The type of a threat intelligence indicator. See String Filter below for more details.
    ThreatIntelIndicatorValues []InsightFiltersThreatIntelIndicatorValue
    The value of a threat intelligence indicator. See String Filter below for more details.
    Titles []InsightFiltersTitle
    A finding's title. See String Filter below for more details.
    Types []InsightFiltersType
    A finding type in the format of namespace/category/classifier that classifies a finding. See String Filter below for more details.
    UpdatedAts []InsightFiltersUpdatedAt
    An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
    UserDefinedValues []InsightFiltersUserDefinedValue
    A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
    VerificationStates []InsightFiltersVerificationState
    The veracity of a finding. See String Filter below for more details.
    WorkflowStatuses []InsightFiltersWorkflowStatus
    The status of the investigation into a finding. See Workflow Status Filter below for more details.
    awsAccountIds List<InsightFiltersAwsAccountId>
    AWS account ID that a finding is generated in. See String_Filter below for more details.
    companyNames List<InsightFiltersCompanyName>
    The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
    complianceStatuses List<InsightFiltersComplianceStatus>
    Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
    confidences List<InsightFiltersConfidence>
    A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    createdAts List<InsightFiltersCreatedAt>
    An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
    criticalities List<InsightFiltersCriticality>
    The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    descriptions List<InsightFiltersDescription>
    A finding's description. See String Filter below for more details.
    findingProviderFieldsConfidences List<InsightFiltersFindingProviderFieldsConfidence>
    The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    findingProviderFieldsCriticalities List<InsightFiltersFindingProviderFieldsCriticality>
    The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    findingProviderFieldsRelatedFindingsIds List<InsightFiltersFindingProviderFieldsRelatedFindingsId>
    The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
    findingProviderFieldsRelatedFindingsProductArns List<InsightFiltersFindingProviderFieldsRelatedFindingsProductArn>
    The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
    findingProviderFieldsSeverityLabels List<InsightFiltersFindingProviderFieldsSeverityLabel>
    The finding provider value for the severity label. See String Filter below for more details.
    findingProviderFieldsSeverityOriginals List<InsightFiltersFindingProviderFieldsSeverityOriginal>
    The finding provider's original value for the severity. See String Filter below for more details.
    findingProviderFieldsTypes List<InsightFiltersFindingProviderFieldsType>
    One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier that classify a finding. Valid namespace values include: Software and Configuration Checks, TTPs, Effects, Unusual Behaviors, and Sensitive Data Identifications. See String Filter below for more details.
    firstObservedAts List<InsightFiltersFirstObservedAt>
    An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
    generatorIds List<InsightFiltersGeneratorId>
    The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
    ids List<InsightFiltersId>
    The security findings provider-specific identifier for a finding. See String Filter below for more details.
    keywords List<InsightFiltersKeyword>
    A keyword for a finding. See Keyword Filter below for more details.
    lastObservedAts List<InsightFiltersLastObservedAt>
    An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
    malwareNames List<InsightFiltersMalwareName>
    The name of the malware that was observed. See String Filter below for more details.
    malwarePaths List<InsightFiltersMalwarePath>
    The filesystem path of the malware that was observed. See String Filter below for more details.
    malwareStates List<InsightFiltersMalwareState>
    The state of the malware that was observed. See String Filter below for more details.
    malwareTypes List<InsightFiltersMalwareType>
    The type of the malware that was observed. See String Filter below for more details.
    networkDestinationDomains List<InsightFiltersNetworkDestinationDomain>
    The destination domain of network-related information about a finding. See String Filter below for more details.
    networkDestinationIpv4s List<InsightFiltersNetworkDestinationIpv4>
    The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    networkDestinationIpv6s List<InsightFiltersNetworkDestinationIpv6>
    The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    networkDestinationPorts List<InsightFiltersNetworkDestinationPort>
    The destination port of network-related information about a finding. See Number Filter below for more details.
    networkDirections List<InsightFiltersNetworkDirection>
    Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
    networkProtocols List<InsightFiltersNetworkProtocol>
    The protocol of network-related information about a finding. See String Filter below for more details.
    networkSourceDomains List<InsightFiltersNetworkSourceDomain>
    The source domain of network-related information about a finding. See String Filter below for more details.
    networkSourceIpv4s List<InsightFiltersNetworkSourceIpv4>
    The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    networkSourceIpv6s List<InsightFiltersNetworkSourceIpv6>
    The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    networkSourceMacs List<InsightFiltersNetworkSourceMac>
    The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
    networkSourcePorts List<InsightFiltersNetworkSourcePort>
    The source port of network-related information about a finding. See Number Filter below for more details.
    noteTexts List<InsightFiltersNoteText>
    The text of a note. See String Filter below for more details.
    noteUpdatedAts List<InsightFiltersNoteUpdatedAt>
    The timestamp of when the note was updated. See Date Filter below for more details.
    noteUpdatedBies List<InsightFiltersNoteUpdatedBy>
    The principal that created a note. See String Filter below for more details.
    processLaunchedAts List<InsightFiltersProcessLaunchedAt>
    The date/time that the process was launched. See Date Filter below for more details.
    processNames List<InsightFiltersProcessName>
    The name of the process. See String Filter below for more details.
    processParentPids List<InsightFiltersProcessParentPid>
    The parent process ID. See Number Filter below for more details.
    processPaths List<InsightFiltersProcessPath>
    The path to the process executable. See String Filter below for more details.
    processPids List<InsightFiltersProcessPid>
    The process ID. See Number Filter below for more details.
    processTerminatedAts List<InsightFiltersProcessTerminatedAt>
    The date/time that the process was terminated. See Date Filter below for more details.
    productArns List<InsightFiltersProductArn>
    The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
    productFields List<InsightFiltersProductField>
    A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format. See Map Filter below for more details.
    productNames List<InsightFiltersProductName>
    The name of the solution (product) that generates findings. See String Filter below for more details.
    recommendationTexts List<InsightFiltersRecommendationText>
    The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
    recordStates List<InsightFiltersRecordState>
    The updated record state for the finding. See String Filter below for more details.
    relatedFindingsIds List<InsightFiltersRelatedFindingsId>
    The solution-generated identifier for a related finding. See String Filter below for more details.
    relatedFindingsProductArns List<InsightFiltersRelatedFindingsProductArn>
    The ARN of the solution that generated a related finding. See String Filter below for more details.
    resourceAwsEc2InstanceIamInstanceProfileArns List<InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn>
    The IAM profile ARN of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceImageIds List<InsightFiltersResourceAwsEc2InstanceImageId>
    The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceIpv4Addresses List<InsightFiltersResourceAwsEc2InstanceIpv4Address>
    The IPv4 addresses associated with the instance. See Ip Filter below for more details.
    resourceAwsEc2InstanceIpv6Addresses List<InsightFiltersResourceAwsEc2InstanceIpv6Address>
    The IPv6 addresses associated with the instance. See Ip Filter below for more details.
    resourceAwsEc2InstanceKeyNames List<InsightFiltersResourceAwsEc2InstanceKeyName>
    The key name associated with the instance. See String Filter below for more details.
    resourceAwsEc2InstanceLaunchedAts List<InsightFiltersResourceAwsEc2InstanceLaunchedAt>
    The date and time the instance was launched. See Date Filter below for more details.
    resourceAwsEc2InstanceSubnetIds List<InsightFiltersResourceAwsEc2InstanceSubnetId>
    The identifier of the subnet that the instance was launched in. See String Filter below for more details.
    resourceAwsEc2InstanceTypes List<InsightFiltersResourceAwsEc2InstanceType>
    The instance type of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceVpcIds List<InsightFiltersResourceAwsEc2InstanceVpcId>
    The identifier of the VPC that the instance was launched in. See String Filter below for more details.
    resourceAwsIamAccessKeyCreatedAts List<InsightFiltersResourceAwsIamAccessKeyCreatedAt>
    The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
    resourceAwsIamAccessKeyStatuses List<InsightFiltersResourceAwsIamAccessKeyStatus>
    The status of the IAM access key related to a finding. See String Filter below for more details.
    resourceAwsIamAccessKeyUserNames List<InsightFiltersResourceAwsIamAccessKeyUserName>
    The user associated with the IAM access key related to a finding. See String Filter below for more details.
    resourceAwsS3BucketOwnerIds List<InsightFiltersResourceAwsS3BucketOwnerId>
    The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
    resourceAwsS3BucketOwnerNames List<InsightFiltersResourceAwsS3BucketOwnerName>
    The display name of the owner of the S3 bucket. See String Filter below for more details.
    resourceContainerImageIds List<InsightFiltersResourceContainerImageId>
    The identifier of the image related to a finding. See String Filter below for more details.
    resourceContainerImageNames List<InsightFiltersResourceContainerImageName>
    The name of the image related to a finding. See String Filter below for more details.
    resourceContainerLaunchedAts List<InsightFiltersResourceContainerLaunchedAt>
    The date/time that the container was started. See Date Filter below for more details.
    resourceContainerNames List<InsightFiltersResourceContainerName>
    The name of the container related to a finding. See String Filter below for more details.
    resourceDetailsOthers List<InsightFiltersResourceDetailsOther>
    The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
    resourceIds List<InsightFiltersResourceId>
    The canonical identifier for the given resource type. See String Filter below for more details.
    resourcePartitions List<InsightFiltersResourcePartition>
    The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
    resourceRegions List<InsightFiltersResourceRegion>
    The canonical AWS external Region name where this resource is located. See String Filter below for more details.
    resourceTags List<InsightFiltersResourceTag>
    A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
    resourceTypes List<InsightFiltersResourceType>
    Specifies the type of the resource that details are provided for. See String Filter below for more details.
    severityLabels List<InsightFiltersSeverityLabel>
    The label of a finding's severity. See String Filter below for more details.
    sourceUrls List<InsightFiltersSourceUrl>
    A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
    threatIntelIndicatorCategories List<InsightFiltersThreatIntelIndicatorCategory>
    The category of a threat intelligence indicator. See String Filter below for more details.
    threatIntelIndicatorLastObservedAts List<InsightFiltersThreatIntelIndicatorLastObservedAt>
    The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
    threatIntelIndicatorSourceUrls List<InsightFiltersThreatIntelIndicatorSourceUrl>
    The URL for more details from the source of the threat intelligence. See String Filter below for more details.
    threatIntelIndicatorSources List<InsightFiltersThreatIntelIndicatorSource>
    The source of the threat intelligence. See String Filter below for more details.
    threatIntelIndicatorTypes List<InsightFiltersThreatIntelIndicatorType>
    The type of a threat intelligence indicator. See String Filter below for more details.
    threatIntelIndicatorValues List<InsightFiltersThreatIntelIndicatorValue>
    The value of a threat intelligence indicator. See String Filter below for more details.
    titles List<InsightFiltersTitle>
    A finding's title. See String Filter below for more details.
    types List<InsightFiltersType>
    A finding type in the format of namespace/category/classifier that classifies a finding. See String Filter below for more details.
    updatedAts List<InsightFiltersUpdatedAt>
    An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
    userDefinedValues List<InsightFiltersUserDefinedValue>
    A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
    verificationStates List<InsightFiltersVerificationState>
    The veracity of a finding. See String Filter below for more details.
    workflowStatuses List<InsightFiltersWorkflowStatus>
    The status of the investigation into a finding. See Workflow Status Filter below for more details.
    awsAccountIds InsightFiltersAwsAccountId[]
    AWS account ID that a finding is generated in. See String_Filter below for more details.
    companyNames InsightFiltersCompanyName[]
    The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
    complianceStatuses InsightFiltersComplianceStatus[]
    Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
    confidences InsightFiltersConfidence[]
    A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    createdAts InsightFiltersCreatedAt[]
    An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
    criticalities InsightFiltersCriticality[]
    The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    descriptions InsightFiltersDescription[]
    A finding's description. See String Filter below for more details.
    findingProviderFieldsConfidences InsightFiltersFindingProviderFieldsConfidence[]
    The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    findingProviderFieldsCriticalities InsightFiltersFindingProviderFieldsCriticality[]
    The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    findingProviderFieldsRelatedFindingsIds InsightFiltersFindingProviderFieldsRelatedFindingsId[]
    The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
    findingProviderFieldsRelatedFindingsProductArns InsightFiltersFindingProviderFieldsRelatedFindingsProductArn[]
    The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
    findingProviderFieldsSeverityLabels InsightFiltersFindingProviderFieldsSeverityLabel[]
    The finding provider value for the severity label. See String Filter below for more details.
    findingProviderFieldsSeverityOriginals InsightFiltersFindingProviderFieldsSeverityOriginal[]
    The finding provider's original value for the severity. See String Filter below for more details.
    findingProviderFieldsTypes InsightFiltersFindingProviderFieldsType[]
    One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier that classify a finding. Valid namespace values include: Software and Configuration Checks, TTPs, Effects, Unusual Behaviors, and Sensitive Data Identifications. See String Filter below for more details.
    firstObservedAts InsightFiltersFirstObservedAt[]
    An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
    generatorIds InsightFiltersGeneratorId[]
    The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
    ids InsightFiltersId[]
    The security findings provider-specific identifier for a finding. See String Filter below for more details.
    keywords InsightFiltersKeyword[]
    A keyword for a finding. See Keyword Filter below for more details.
    lastObservedAts InsightFiltersLastObservedAt[]
    An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
    malwareNames InsightFiltersMalwareName[]
    The name of the malware that was observed. See String Filter below for more details.
    malwarePaths InsightFiltersMalwarePath[]
    The filesystem path of the malware that was observed. See String Filter below for more details.
    malwareStates InsightFiltersMalwareState[]
    The state of the malware that was observed. See String Filter below for more details.
    malwareTypes InsightFiltersMalwareType[]
    The type of the malware that was observed. See String Filter below for more details.
    networkDestinationDomains InsightFiltersNetworkDestinationDomain[]
    The destination domain of network-related information about a finding. See String Filter below for more details.
    networkDestinationIpv4s InsightFiltersNetworkDestinationIpv4[]
    The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    networkDestinationIpv6s InsightFiltersNetworkDestinationIpv6[]
    The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    networkDestinationPorts InsightFiltersNetworkDestinationPort[]
    The destination port of network-related information about a finding. See Number Filter below for more details.
    networkDirections InsightFiltersNetworkDirection[]
    Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
    networkProtocols InsightFiltersNetworkProtocol[]
    The protocol of network-related information about a finding. See String Filter below for more details.
    networkSourceDomains InsightFiltersNetworkSourceDomain[]
    The source domain of network-related information about a finding. See String Filter below for more details.
    networkSourceIpv4s InsightFiltersNetworkSourceIpv4[]
    The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    networkSourceIpv6s InsightFiltersNetworkSourceIpv6[]
    The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    networkSourceMacs InsightFiltersNetworkSourceMac[]
    The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
    networkSourcePorts InsightFiltersNetworkSourcePort[]
    The source port of network-related information about a finding. See Number Filter below for more details.
    noteTexts InsightFiltersNoteText[]
    The text of a note. See String Filter below for more details.
    noteUpdatedAts InsightFiltersNoteUpdatedAt[]
    The timestamp of when the note was updated. See Date Filter below for more details.
    noteUpdatedBies InsightFiltersNoteUpdatedBy[]
    The principal that created a note. See String Filter below for more details.
    processLaunchedAts InsightFiltersProcessLaunchedAt[]
    The date/time that the process was launched. See Date Filter below for more details.
    processNames InsightFiltersProcessName[]
    The name of the process. See String Filter below for more details.
    processParentPids InsightFiltersProcessParentPid[]
    The parent process ID. See Number Filter below for more details.
    processPaths InsightFiltersProcessPath[]
    The path to the process executable. See String Filter below for more details.
    processPids InsightFiltersProcessPid[]
    The process ID. See Number Filter below for more details.
    processTerminatedAts InsightFiltersProcessTerminatedAt[]
    The date/time that the process was terminated. See Date Filter below for more details.
    productArns InsightFiltersProductArn[]
    The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
    productFields InsightFiltersProductField[]
    A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format. See Map Filter below for more details.
    productNames InsightFiltersProductName[]
    The name of the solution (product) that generates findings. See String Filter below for more details.
    recommendationTexts InsightFiltersRecommendationText[]
    The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
    recordStates InsightFiltersRecordState[]
    The updated record state for the finding. See String Filter below for more details.
    relatedFindingsIds InsightFiltersRelatedFindingsId[]
    The solution-generated identifier for a related finding. See String Filter below for more details.
    relatedFindingsProductArns InsightFiltersRelatedFindingsProductArn[]
    The ARN of the solution that generated a related finding. See String Filter below for more details.
    resourceAwsEc2InstanceIamInstanceProfileArns InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn[]
    The IAM profile ARN of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceImageIds InsightFiltersResourceAwsEc2InstanceImageId[]
    The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceIpv4Addresses InsightFiltersResourceAwsEc2InstanceIpv4Address[]
    The IPv4 addresses associated with the instance. See Ip Filter below for more details.
    resourceAwsEc2InstanceIpv6Addresses InsightFiltersResourceAwsEc2InstanceIpv6Address[]
    The IPv6 addresses associated with the instance. See Ip Filter below for more details.
    resourceAwsEc2InstanceKeyNames InsightFiltersResourceAwsEc2InstanceKeyName[]
    The key name associated with the instance. See String Filter below for more details.
    resourceAwsEc2InstanceLaunchedAts InsightFiltersResourceAwsEc2InstanceLaunchedAt[]
    The date and time the instance was launched. See Date Filter below for more details.
    resourceAwsEc2InstanceSubnetIds InsightFiltersResourceAwsEc2InstanceSubnetId[]
    The identifier of the subnet that the instance was launched in. See String Filter below for more details.
    resourceAwsEc2InstanceTypes InsightFiltersResourceAwsEc2InstanceType[]
    The instance type of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceVpcIds InsightFiltersResourceAwsEc2InstanceVpcId[]
    The identifier of the VPC that the instance was launched in. See String Filter below for more details.
    resourceAwsIamAccessKeyCreatedAts InsightFiltersResourceAwsIamAccessKeyCreatedAt[]
    The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
    resourceAwsIamAccessKeyStatuses InsightFiltersResourceAwsIamAccessKeyStatus[]
    The status of the IAM access key related to a finding. See String Filter below for more details.
    resourceAwsIamAccessKeyUserNames InsightFiltersResourceAwsIamAccessKeyUserName[]
    The user associated with the IAM access key related to a finding. See String Filter below for more details.
    resourceAwsS3BucketOwnerIds InsightFiltersResourceAwsS3BucketOwnerId[]
    The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
    resourceAwsS3BucketOwnerNames InsightFiltersResourceAwsS3BucketOwnerName[]
    The display name of the owner of the S3 bucket. See String Filter below for more details.
    resourceContainerImageIds InsightFiltersResourceContainerImageId[]
    The identifier of the image related to a finding. See String Filter below for more details.
    resourceContainerImageNames InsightFiltersResourceContainerImageName[]
    The name of the image related to a finding. See String Filter below for more details.
    resourceContainerLaunchedAts InsightFiltersResourceContainerLaunchedAt[]
    The date/time that the container was started. See Date Filter below for more details.
    resourceContainerNames InsightFiltersResourceContainerName[]
    The name of the container related to a finding. See String Filter below for more details.
    resourceDetailsOthers InsightFiltersResourceDetailsOther[]
    The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
    resourceIds InsightFiltersResourceId[]
    The canonical identifier for the given resource type. See String Filter below for more details.
    resourcePartitions InsightFiltersResourcePartition[]
    The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
    resourceRegions InsightFiltersResourceRegion[]
    The canonical AWS external Region name where this resource is located. See String Filter below for more details.
    resourceTags InsightFiltersResourceTag[]
    A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
    resourceTypes InsightFiltersResourceType[]
    Specifies the type of the resource that details are provided for. See String Filter below for more details.
    severityLabels InsightFiltersSeverityLabel[]
    The label of a finding's severity. See String Filter below for more details.
    sourceUrls InsightFiltersSourceUrl[]
    A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
    threatIntelIndicatorCategories InsightFiltersThreatIntelIndicatorCategory[]
    The category of a threat intelligence indicator. See String Filter below for more details.
    threatIntelIndicatorLastObservedAts InsightFiltersThreatIntelIndicatorLastObservedAt[]
    The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
    threatIntelIndicatorSourceUrls InsightFiltersThreatIntelIndicatorSourceUrl[]
    The URL for more details from the source of the threat intelligence. See String Filter below for more details.
    threatIntelIndicatorSources InsightFiltersThreatIntelIndicatorSource[]
    The source of the threat intelligence. See String Filter below for more details.
    threatIntelIndicatorTypes InsightFiltersThreatIntelIndicatorType[]
    The type of a threat intelligence indicator. See String Filter below for more details.
    threatIntelIndicatorValues InsightFiltersThreatIntelIndicatorValue[]
    The value of a threat intelligence indicator. See String Filter below for more details.
    titles InsightFiltersTitle[]
    A finding's title. See String Filter below for more details.
    types InsightFiltersType[]
    A finding type in the format of namespace/category/classifier that classifies a finding. See String Filter below for more details.
    updatedAts InsightFiltersUpdatedAt[]
    An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
    userDefinedValues InsightFiltersUserDefinedValue[]
    A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
    verificationStates InsightFiltersVerificationState[]
    The veracity of a finding. See String Filter below for more details.
    workflowStatuses InsightFiltersWorkflowStatus[]
    The status of the investigation into a finding. See Workflow Status Filter below for more details.
    aws_account_ids Sequence[InsightFiltersAwsAccountId]
    AWS account ID that a finding is generated in. See String_Filter below for more details.
    company_names Sequence[InsightFiltersCompanyName]
    The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
    compliance_statuses Sequence[InsightFiltersComplianceStatus]
    Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
    confidences Sequence[InsightFiltersConfidence]
    A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    created_ats Sequence[InsightFiltersCreatedAt]
    An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
    criticalities Sequence[InsightFiltersCriticality]
    The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    descriptions Sequence[InsightFiltersDescription]
    A finding's description. See String Filter below for more details.
    finding_provider_fields_confidences Sequence[InsightFiltersFindingProviderFieldsConfidence]
    The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    finding_provider_fields_criticalities Sequence[InsightFiltersFindingProviderFieldsCriticality]
    The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    finding_provider_fields_related_findings_ids Sequence[InsightFiltersFindingProviderFieldsRelatedFindingsId]
    The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
    finding_provider_fields_related_findings_product_arns Sequence[InsightFiltersFindingProviderFieldsRelatedFindingsProductArn]
    The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
    finding_provider_fields_severity_labels Sequence[InsightFiltersFindingProviderFieldsSeverityLabel]
    The finding provider value for the severity label. See String Filter below for more details.
    finding_provider_fields_severity_originals Sequence[InsightFiltersFindingProviderFieldsSeverityOriginal]
    The finding provider's original value for the severity. See String Filter below for more details.
    finding_provider_fields_types Sequence[InsightFiltersFindingProviderFieldsType]
    One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier that classify a finding. Valid namespace values include: Software and Configuration Checks, TTPs, Effects, Unusual Behaviors, and Sensitive Data Identifications. See String Filter below for more details.
    first_observed_ats Sequence[InsightFiltersFirstObservedAt]
    An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
    generator_ids Sequence[InsightFiltersGeneratorId]
    The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
    ids Sequence[InsightFiltersId]
    The security findings provider-specific identifier for a finding. See String Filter below for more details.
    keywords Sequence[InsightFiltersKeyword]
    A keyword for a finding. See Keyword Filter below for more details.
    last_observed_ats Sequence[InsightFiltersLastObservedAt]
    An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
    malware_names Sequence[InsightFiltersMalwareName]
    The name of the malware that was observed. See String Filter below for more details.
    malware_paths Sequence[InsightFiltersMalwarePath]
    The filesystem path of the malware that was observed. See String Filter below for more details.
    malware_states Sequence[InsightFiltersMalwareState]
    The state of the malware that was observed. See String Filter below for more details.
    malware_types Sequence[InsightFiltersMalwareType]
    The type of the malware that was observed. See String Filter below for more details.
    network_destination_domains Sequence[InsightFiltersNetworkDestinationDomain]
    The destination domain of network-related information about a finding. See String Filter below for more details.
    network_destination_ipv4s Sequence[InsightFiltersNetworkDestinationIpv4]
    The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    network_destination_ipv6s Sequence[InsightFiltersNetworkDestinationIpv6]
    The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    network_destination_ports Sequence[InsightFiltersNetworkDestinationPort]
    The destination port of network-related information about a finding. See Number Filter below for more details.
    network_directions Sequence[InsightFiltersNetworkDirection]
    Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
    network_protocols Sequence[InsightFiltersNetworkProtocol]
    The protocol of network-related information about a finding. See String Filter below for more details.
    network_source_domains Sequence[InsightFiltersNetworkSourceDomain]
    The source domain of network-related information about a finding. See String Filter below for more details.
    network_source_ipv4s Sequence[InsightFiltersNetworkSourceIpv4]
    The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    network_source_ipv6s Sequence[InsightFiltersNetworkSourceIpv6]
    The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    network_source_macs Sequence[InsightFiltersNetworkSourceMac]
    The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
    network_source_ports Sequence[InsightFiltersNetworkSourcePort]
    The source port of network-related information about a finding. See Number Filter below for more details.
    note_texts Sequence[InsightFiltersNoteText]
    The text of a note. See String Filter below for more details.
    note_updated_ats Sequence[InsightFiltersNoteUpdatedAt]
    The timestamp of when the note was updated. See Date Filter below for more details.
    note_updated_bies Sequence[InsightFiltersNoteUpdatedBy]
    The principal that created a note. See String Filter below for more details.
    process_launched_ats Sequence[InsightFiltersProcessLaunchedAt]
    The date/time that the process was launched. See Date Filter below for more details.
    process_names Sequence[InsightFiltersProcessName]
    The name of the process. See String Filter below for more details.
    process_parent_pids Sequence[InsightFiltersProcessParentPid]
    The parent process ID. See Number Filter below for more details.
    process_paths Sequence[InsightFiltersProcessPath]
    The path to the process executable. See String Filter below for more details.
    process_pids Sequence[InsightFiltersProcessPid]
    The process ID. See Number Filter below for more details.
    process_terminated_ats Sequence[InsightFiltersProcessTerminatedAt]
    The date/time that the process was terminated. See Date Filter below for more details.
    product_arns Sequence[InsightFiltersProductArn]
    The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
    product_fields Sequence[InsightFiltersProductField]
    A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format. See Map Filter below for more details.
    product_names Sequence[InsightFiltersProductName]
    The name of the solution (product) that generates findings. See String Filter below for more details.
    recommendation_texts Sequence[InsightFiltersRecommendationText]
    The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
    record_states Sequence[InsightFiltersRecordState]
    The updated record state for the finding. See String Filter below for more details.
    related_findings_ids Sequence[InsightFiltersRelatedFindingsId]
    The solution-generated identifier for a related finding. See String Filter below for more details.
    related_findings_product_arns Sequence[InsightFiltersRelatedFindingsProductArn]
    The ARN of the solution that generated a related finding. See String Filter below for more details.
    resource_aws_ec2_instance_iam_instance_profile_arns Sequence[InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn]
    The IAM profile ARN of the instance. See String Filter below for more details.
    resource_aws_ec2_instance_image_ids Sequence[InsightFiltersResourceAwsEc2InstanceImageId]
    The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
    resource_aws_ec2_instance_ipv4_addresses Sequence[InsightFiltersResourceAwsEc2InstanceIpv4Address]
    The IPv4 addresses associated with the instance. See Ip Filter below for more details.
    resource_aws_ec2_instance_ipv6_addresses Sequence[InsightFiltersResourceAwsEc2InstanceIpv6Address]
    The IPv6 addresses associated with the instance. See Ip Filter below for more details.
    resource_aws_ec2_instance_key_names Sequence[InsightFiltersResourceAwsEc2InstanceKeyName]
    The key name associated with the instance. See String Filter below for more details.
    resource_aws_ec2_instance_launched_ats Sequence[InsightFiltersResourceAwsEc2InstanceLaunchedAt]
    The date and time the instance was launched. See Date Filter below for more details.
    resource_aws_ec2_instance_subnet_ids Sequence[InsightFiltersResourceAwsEc2InstanceSubnetId]
    The identifier of the subnet that the instance was launched in. See String Filter below for more details.
    resource_aws_ec2_instance_types Sequence[InsightFiltersResourceAwsEc2InstanceType]
    The instance type of the instance. See String Filter below for more details.
    resource_aws_ec2_instance_vpc_ids Sequence[InsightFiltersResourceAwsEc2InstanceVpcId]
    The identifier of the VPC that the instance was launched in. See String Filter below for more details.
    resource_aws_iam_access_key_created_ats Sequence[InsightFiltersResourceAwsIamAccessKeyCreatedAt]
    The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
    resource_aws_iam_access_key_statuses Sequence[InsightFiltersResourceAwsIamAccessKeyStatus]
    The status of the IAM access key related to a finding. See String Filter below for more details.
    resource_aws_iam_access_key_user_names Sequence[InsightFiltersResourceAwsIamAccessKeyUserName]
    The user associated with the IAM access key related to a finding. See String Filter below for more details.
    resource_aws_s3_bucket_owner_ids Sequence[InsightFiltersResourceAwsS3BucketOwnerId]
    The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
    resource_aws_s3_bucket_owner_names Sequence[InsightFiltersResourceAwsS3BucketOwnerName]
    The display name of the owner of the S3 bucket. See String Filter below for more details.
    resource_container_image_ids Sequence[InsightFiltersResourceContainerImageId]
    The identifier of the image related to a finding. See String Filter below for more details.
    resource_container_image_names Sequence[InsightFiltersResourceContainerImageName]
    The name of the image related to a finding. See String Filter below for more details.
    resource_container_launched_ats Sequence[InsightFiltersResourceContainerLaunchedAt]
    The date/time that the container was started. See Date Filter below for more details.
    resource_container_names Sequence[InsightFiltersResourceContainerName]
    The name of the container related to a finding. See String Filter below for more details.
    resource_details_others Sequence[InsightFiltersResourceDetailsOther]
    The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
    resource_ids Sequence[InsightFiltersResourceId]
    The canonical identifier for the given resource type. See String Filter below for more details.
    resource_partitions Sequence[InsightFiltersResourcePartition]
    The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
    resource_regions Sequence[InsightFiltersResourceRegion]
    The canonical AWS external Region name where this resource is located. See String Filter below for more details.
    resource_tags Sequence[InsightFiltersResourceTag]
    A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
    resource_types Sequence[InsightFiltersResourceType]
    Specifies the type of the resource that details are provided for. See String Filter below for more details.
    severity_labels Sequence[InsightFiltersSeverityLabel]
    The label of a finding's severity. See String Filter below for more details.
    source_urls Sequence[InsightFiltersSourceUrl]
    A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
    threat_intel_indicator_categories Sequence[InsightFiltersThreatIntelIndicatorCategory]
    The category of a threat intelligence indicator. See String Filter below for more details.
    threat_intel_indicator_last_observed_ats Sequence[InsightFiltersThreatIntelIndicatorLastObservedAt]
    The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
    threat_intel_indicator_source_urls Sequence[InsightFiltersThreatIntelIndicatorSourceUrl]
    The URL for more details from the source of the threat intelligence. See String Filter below for more details.
    threat_intel_indicator_sources Sequence[InsightFiltersThreatIntelIndicatorSource]
    The source of the threat intelligence. See String Filter below for more details.
    threat_intel_indicator_types Sequence[InsightFiltersThreatIntelIndicatorType]
    The type of a threat intelligence indicator. See String Filter below for more details.
    threat_intel_indicator_values Sequence[InsightFiltersThreatIntelIndicatorValue]
    The value of a threat intelligence indicator. See String Filter below for more details.
    titles Sequence[InsightFiltersTitle]
    A finding's title. See String Filter below for more details.
    types Sequence[InsightFiltersType]
    A finding type in the format of namespace/category/classifier that classifies a finding. See String Filter below for more details.
    updated_ats Sequence[InsightFiltersUpdatedAt]
    An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
    user_defined_values Sequence[InsightFiltersUserDefinedValue]
    A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
    verification_states Sequence[InsightFiltersVerificationState]
    The veracity of a finding. See String Filter below for more details.
    workflow_statuses Sequence[InsightFiltersWorkflowStatus]
    The status of the investigation into a finding. See Workflow Status Filter below for more details.
    awsAccountIds List<Property Map>
    AWS account ID that a finding is generated in. See String_Filter below for more details.
    companyNames List<Property Map>
    The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
    complianceStatuses List<Property Map>
    Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
    confidences List<Property Map>
    A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    createdAts List<Property Map>
    An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
    criticalities List<Property Map>
    The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    descriptions List<Property Map>
    A finding's description. See String Filter below for more details.
    findingProviderFieldsConfidences List<Property Map>
    The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
    findingProviderFieldsCriticalities List<Property Map>
    The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
    findingProviderFieldsRelatedFindingsIds List<Property Map>
    The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
    findingProviderFieldsRelatedFindingsProductArns List<Property Map>
    The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
    findingProviderFieldsSeverityLabels List<Property Map>
    The finding provider value for the severity label. See String Filter below for more details.
    findingProviderFieldsSeverityOriginals List<Property Map>
    The finding provider's original value for the severity. See String Filter below for more details.
    findingProviderFieldsTypes List<Property Map>
    One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier that classify a finding. Valid namespace values include: Software and Configuration Checks, TTPs, Effects, Unusual Behaviors, and Sensitive Data Identifications. See String Filter below for more details.
    firstObservedAts List<Property Map>
    An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
    generatorIds List<Property Map>
    The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
    ids List<Property Map>
    The security findings provider-specific identifier for a finding. See String Filter below for more details.
    keywords List<Property Map>
    A keyword for a finding. See Keyword Filter below for more details.
    lastObservedAts List<Property Map>
    An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
    malwareNames List<Property Map>
    The name of the malware that was observed. See String Filter below for more details.
    malwarePaths List<Property Map>
    The filesystem path of the malware that was observed. See String Filter below for more details.
    malwareStates List<Property Map>
    The state of the malware that was observed. See String Filter below for more details.
    malwareTypes List<Property Map>
    The type of the malware that was observed. See String Filter below for more details.
    networkDestinationDomains List<Property Map>
    The destination domain of network-related information about a finding. See String Filter below for more details.
    networkDestinationIpv4s List<Property Map>
    The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    networkDestinationIpv6s List<Property Map>
    The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    networkDestinationPorts List<Property Map>
    The destination port of network-related information about a finding. See Number Filter below for more details.
    networkDirections List<Property Map>
    Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
    networkProtocols List<Property Map>
    The protocol of network-related information about a finding. See String Filter below for more details.
    networkSourceDomains List<Property Map>
    The source domain of network-related information about a finding. See String Filter below for more details.
    networkSourceIpv4s List<Property Map>
    The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
    networkSourceIpv6s List<Property Map>
    The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
    networkSourceMacs List<Property Map>
    The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
    networkSourcePorts List<Property Map>
    The source port of network-related information about a finding. See Number Filter below for more details.
    noteTexts List<Property Map>
    The text of a note. See String Filter below for more details.
    noteUpdatedAts List<Property Map>
    The timestamp of when the note was updated. See Date Filter below for more details.
    noteUpdatedBies List<Property Map>
    The principal that created a note. See String Filter below for more details.
    processLaunchedAts List<Property Map>
    The date/time that the process was launched. See Date Filter below for more details.
    processNames List<Property Map>
    The name of the process. See String Filter below for more details.
    processParentPids List<Property Map>
    The parent process ID. See Number Filter below for more details.
    processPaths List<Property Map>
    The path to the process executable. See String Filter below for more details.
    processPids List<Property Map>
    The process ID. See Number Filter below for more details.
    processTerminatedAts List<Property Map>
    The date/time that the process was terminated. See Date Filter below for more details.
    productArns List<Property Map>
    The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
    productFields List<Property Map>
    A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format. See Map Filter below for more details.
    productNames List<Property Map>
    The name of the solution (product) that generates findings. See String Filter below for more details.
    recommendationTexts List<Property Map>
    The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
    recordStates List<Property Map>
    The updated record state for the finding. See String Filter below for more details.
    relatedFindingsIds List<Property Map>
    The solution-generated identifier for a related finding. See String Filter below for more details.
    relatedFindingsProductArns List<Property Map>
    The ARN of the solution that generated a related finding. See String Filter below for more details.
    resourceAwsEc2InstanceIamInstanceProfileArns List<Property Map>
    The IAM profile ARN of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceImageIds List<Property Map>
    The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceIpv4Addresses List<Property Map>
    The IPv4 addresses associated with the instance. See Ip Filter below for more details.
    resourceAwsEc2InstanceIpv6Addresses List<Property Map>
    The IPv6 addresses associated with the instance. See Ip Filter below for more details.
    resourceAwsEc2InstanceKeyNames List<Property Map>
    The key name associated with the instance. See String Filter below for more details.
    resourceAwsEc2InstanceLaunchedAts List<Property Map>
    The date and time the instance was launched. See Date Filter below for more details.
    resourceAwsEc2InstanceSubnetIds List<Property Map>
    The identifier of the subnet that the instance was launched in. See String Filter below for more details.
    resourceAwsEc2InstanceTypes List<Property Map>
    The instance type of the instance. See String Filter below for more details.
    resourceAwsEc2InstanceVpcIds List<Property Map>
    The identifier of the VPC that the instance was launched in. See String Filter below for more details.
    resourceAwsIamAccessKeyCreatedAts List<Property Map>
    The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
    resourceAwsIamAccessKeyStatuses List<Property Map>
    The status of the IAM access key related to a finding. See String Filter below for more details.
    resourceAwsIamAccessKeyUserNames List<Property Map>
    The user associated with the IAM access key related to a finding. See String Filter below for more details.
    resourceAwsS3BucketOwnerIds List<Property Map>
    The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
    resourceAwsS3BucketOwnerNames List<Property Map>
    The display name of the owner of the S3 bucket. See String Filter below for more details.
    resourceContainerImageIds List<Property Map>
    The identifier of the image related to a finding. See String Filter below for more details.
    resourceContainerImageNames List<Property Map>
    The name of the image related to a finding. See String Filter below for more details.
    resourceContainerLaunchedAts List<Property Map>
    The date/time that the container was started. See Date Filter below for more details.
    resourceContainerNames List<Property Map>
    The name of the container related to a finding. See String Filter below for more details.
    resourceDetailsOthers List<Property Map>
    The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
    resourceIds List<Property Map>
    The canonical identifier for the given resource type. See String Filter below for more details.
    resourcePartitions List<Property Map>
    The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
    resourceRegions List<Property Map>
    The canonical AWS external Region name where this resource is located. See String Filter below for more details.
    resourceTags List<Property Map>
    A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
    resourceTypes List<Property Map>
    Specifies the type of the resource that details are provided for. See String Filter below for more details.
    severityLabels List<Property Map>
    The label of a finding's severity. See String Filter below for more details.
    sourceUrls List<Property Map>
    A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
    threatIntelIndicatorCategories List<Property Map>
    The category of a threat intelligence indicator. See String Filter below for more details.
    threatIntelIndicatorLastObservedAts List<Property Map>
    The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
    threatIntelIndicatorSourceUrls List<Property Map>
    The URL for more details from the source of the threat intelligence. See String Filter below for more details.
    threatIntelIndicatorSources List<Property Map>
    The source of the threat intelligence. See String Filter below for more details.
    threatIntelIndicatorTypes List<Property Map>
    The type of a threat intelligence indicator. See String Filter below for more details.
    threatIntelIndicatorValues List<Property Map>
    The value of a threat intelligence indicator. See String Filter below for more details.
    titles List<Property Map>
    A finding's title. See String Filter below for more details.
    types List<Property Map>
    A finding type in the format of namespace/category/classifier that classifies a finding. See String Filter below for more details.
    updatedAts List<Property Map>
    An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
    userDefinedValues List<Property Map>
    A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
    verificationStates List<Property Map>
    The veracity of a finding. See String Filter below for more details.
    workflowStatuses List<Property Map>
    The status of the investigation into a finding. See Workflow Status Filter below for more details.

    InsightFiltersAwsAccountId, InsightFiltersAwsAccountIdArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    InsightFiltersCompanyName, InsightFiltersCompanyNameArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    InsightFiltersComplianceStatus, InsightFiltersComplianceStatusArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    InsightFiltersConfidence, InsightFiltersConfidenceArgs

    Eq string
    Gte string
    Lte string
    Eq string
    Gte string
    Lte string
    eq String
    gte String
    lte String
    eq string
    gte string
    lte string
    eq str
    gte str
    lte str
    eq String
    gte String
    lte String

    InsightFiltersCreatedAt, InsightFiltersCreatedAtArgs

    InsightFiltersCreatedAtDateRange, InsightFiltersCreatedAtDateRangeArgs

    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Integer
    A date range value for the date filter, provided as an Integer.
    unit string
    A date range unit for the date filter. Valid values: DAYS.
    value number
    A date range value for the date filter, provided as an Integer.
    unit str
    A date range unit for the date filter. Valid values: DAYS.
    value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Number
    A date range value for the date filter, provided as an Integer.

    InsightFiltersCriticality, InsightFiltersCriticalityArgs

    Eq string
    Gte string
    Lte string
    Eq string
    Gte string
    Lte string
    eq String
    gte String
    lte String
    eq string
    gte string
    lte string
    eq str
    gte str
    lte str
    eq String
    gte String
    lte String

    InsightFiltersDescription, InsightFiltersDescriptionArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    InsightFiltersFindingProviderFieldsConfidence, InsightFiltersFindingProviderFieldsConfidenceArgs

    Eq string
    Gte string
    Lte string
    Eq string
    Gte string
    Lte string
    eq String
    gte String
    lte String
    eq string
    gte string
    lte string
    eq str
    gte str
    lte str
    eq String
    gte String
    lte String

    InsightFiltersFindingProviderFieldsCriticality, InsightFiltersFindingProviderFieldsCriticalityArgs

    Eq string
    Gte string
    Lte string
    Eq string
    Gte string
    Lte string
    eq String
    gte String
    lte String
    eq string
    gte string
    lte string
    eq str
    gte str
    lte