2.235.0

interface PolicyProperty

LanguageType name
.NETAmazon.CDK.Mixins.Preview.AWS.SecurityHub.Mixins.CfnConfigurationPolicyPropsMixin.PolicyProperty
Gogithub.com/aws/aws-cdk-go/awscdkmixinspreview/v2/awssecurityhub/mixins#CfnConfigurationPolicyPropsMixin_PolicyProperty
Javasoftware.amazon.awscdk.mixins.preview.services.securityhub.mixins.CfnConfigurationPolicyPropsMixin.PolicyProperty
Pythonaws_cdk.mixins_preview.aws_securityhub.mixins.CfnConfigurationPolicyPropsMixin.PolicyProperty
TypeScript @aws-cdk/mixins-preview » aws_securityhub » mixins » CfnConfigurationPolicyPropsMixin » PolicyProperty

An object that defines how AWS Security Hub CSPM is configured.

It includes whether Security Hub CSPM is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub CSPM disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub CSPM enables all other controls (including newly released controls).

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-configurationpolicy-policy.html

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { mixins as securityhub_mixins } from '@aws-cdk/mixins-preview/aws-securityhub';
const policyProperty: securityhub_mixins.CfnConfigurationPolicyPropsMixin.PolicyProperty = {
  securityHub: {
    enabledStandardIdentifiers: ['enabledStandardIdentifiers'],
    securityControlsConfiguration: {
      disabledSecurityControlIdentifiers: ['disabledSecurityControlIdentifiers'],
      enabledSecurityControlIdentifiers: ['enabledSecurityControlIdentifiers'],
      securityControlCustomParameters: [{
        parameters: {
          parametersKey: {
            value: {
              boolean: false,
              double: 123,
              enum: 'enum',
              enumList: ['enumList'],
              integer: 123,
              integerList: [123],
              string: 'string',
              stringList: ['stringList'],
            },
            valueType: 'valueType',
          },
        },
        securityControlId: 'securityControlId',
      }],
    },
    serviceEnabled: false,
  },
};

Properties

NameTypeDescription
securityHub?IResolvable | SecurityHubPolicyPropertyThe AWS service that the configuration policy applies to.

securityHub?

Type: IResolvable | SecurityHubPolicyProperty (optional)

The AWS service that the configuration policy applies to.

See also: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-configurationpolicy-policy.html#cfn-securityhub-configurationpolicy-policy-securityhub

PreviousNext