Class CfnAutomationRuleProps
Properties for defining a CfnAutomationRule.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.SecurityHub
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnAutomationRuleProps : Object, ICfnAutomationRulePropsSyntax (vb)
Public Class CfnAutomationRuleProps
Inherits Object
Implements ICfnAutomationRulePropsRemarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.SecurityHub;
var id;
var updatedBy;
var cfnAutomationRuleProps = new CfnAutomationRuleProps {
Actions = new [] { new AutomationRulesActionProperty {
FindingFieldsUpdate = new AutomationRulesFindingFieldsUpdateProperty {
Confidence = 123,
Criticality = 123,
Note = new NoteUpdateProperty {
Text = "text",
UpdatedBy = updatedBy
},
RelatedFindings = new [] { new RelatedFindingProperty {
Id = id,
ProductArn = "productArn"
} },
Severity = new SeverityUpdateProperty {
Label = "label",
Normalized = 123,
Product = 123
},
Types = new [] { "types" },
UserDefinedFields = new Dictionary<string, string> {
{ "userDefinedFieldsKey", "userDefinedFields" }
},
VerificationState = "verificationState",
Workflow = new WorkflowUpdateProperty {
Status = "status"
}
},
Type = "type"
} },
Criteria = new AutomationRulesFindingFiltersProperty {
AwsAccountId = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
CompanyName = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ComplianceAssociatedStandardsId = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ComplianceSecurityControlId = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ComplianceStatus = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
Confidence = new [] { new NumberFilterProperty {
Eq = 123,
Gte = 123,
Lte = 123
} },
CreatedAt = new [] { new DateFilterProperty {
DateRange = new DateRangeProperty {
Unit = "unit",
Value = 123
},
End = "end",
Start = "start"
} },
Criticality = new [] { new NumberFilterProperty {
Eq = 123,
Gte = 123,
Lte = 123
} },
Description = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
FirstObservedAt = new [] { new DateFilterProperty {
DateRange = new DateRangeProperty {
Unit = "unit",
Value = 123
},
End = "end",
Start = "start"
} },
GeneratorId = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
Id = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
LastObservedAt = new [] { new DateFilterProperty {
DateRange = new DateRangeProperty {
Unit = "unit",
Value = 123
},
End = "end",
Start = "start"
} },
NoteText = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
NoteUpdatedAt = new [] { new DateFilterProperty {
DateRange = new DateRangeProperty {
Unit = "unit",
Value = 123
},
End = "end",
Start = "start"
} },
NoteUpdatedBy = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ProductArn = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ProductName = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
RecordState = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
RelatedFindingsId = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
RelatedFindingsProductArn = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ResourceDetailsOther = new [] { new MapFilterProperty {
Comparison = "comparison",
Key = "key",
Value = "value"
} },
ResourceId = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ResourcePartition = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ResourceRegion = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
ResourceTags = new [] { new MapFilterProperty {
Comparison = "comparison",
Key = "key",
Value = "value"
} },
ResourceType = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
SeverityLabel = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
SourceUrl = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
Title = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
Type = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
UpdatedAt = new [] { new DateFilterProperty {
DateRange = new DateRangeProperty {
Unit = "unit",
Value = 123
},
End = "end",
Start = "start"
} },
UserDefinedFields = new [] { new MapFilterProperty {
Comparison = "comparison",
Key = "key",
Value = "value"
} },
VerificationState = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} },
WorkflowStatus = new [] { new StringFilterProperty {
Comparison = "comparison",
Value = "value"
} }
},
Description = "description",
RuleName = "ruleName",
RuleOrder = 123,
// the properties below are optional
IsTerminal = false,
RuleStatus = "ruleStatus",
Tags = new Dictionary<string, string> {
{ "tagsKey", "tags" }
}
};Synopsis
Constructors
| CfnAutomationRuleProps() |
Properties
| Actions | One or more actions to update finding fields if a finding matches the conditions specified in |
| Criteria | A set of AWS Security Finding Format (ASFF) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding. |
| Description | A description of the rule. |
| IsTerminal | Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. |
| RuleName | The name of the rule. |
| RuleOrder | An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. |
| RuleStatus | Whether the rule is active after it is created. |
| Tags | User-defined tags associated with an automation rule. |
Constructors
CfnAutomationRuleProps()
public CfnAutomationRuleProps()Properties
Actions
One or more actions to update finding fields if a finding matches the conditions specified in Criteria .
public object Actions { get; set; }Property Value
System.Object
Remarks
Criteria
A set of AWS Security Finding Format (ASFF) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.
public object Criteria { get; set; }Property Value
System.Object
Remarks
Description
A description of the rule.
public string Description { get; set; }Property Value
System.String
Remarks
IsTerminal
Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria.
public object IsTerminal { get; set; }Property Value
System.Object
Remarks
This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.
RuleName
The name of the rule.
public string RuleName { get; set; }Property Value
System.String
Remarks
RuleOrder
An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings.
public double RuleOrder { get; set; }Property Value
System.Double
Remarks
Security Hub applies rules with lower values for this parameter first.
RuleStatus
Whether the rule is active after it is created.
public string RuleStatus { get; set; }Property Value
System.String
Remarks
If this parameter is equal to ENABLED , Security Hub applies the rule to findings and finding updates after the rule is created.
Tags
User-defined tags associated with an automation rule.
public IDictionary<string, string> Tags { get; set; }Property Value
System.Collections.Generic.IDictionary<System.String, System.String>