Class CfnAutomationRule.StringFilterProperty.Builder
- All Implemented Interfaces:
software.amazon.jsii.Builder<CfnAutomationRule.StringFilterProperty>
- Enclosing interface:
CfnAutomationRule.StringFilterProperty
CfnAutomationRule.StringFilterProperty
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionbuild()
Builds the configured instance.comparison
(String comparison) Sets the value ofCfnAutomationRule.StringFilterProperty.getComparison()
Sets the value ofCfnAutomationRule.StringFilterProperty.getValue()
-
Constructor Details
-
Builder
public Builder()
-
-
Method Details
-
comparison
@Stability(Stable) public CfnAutomationRule.StringFilterProperty.Builder comparison(String comparison) Sets the value ofCfnAutomationRule.StringFilterProperty.getComparison()
- Parameters:
comparison
- The condition to apply to a string value when filtering Security Hub findings. This parameter is required. To search for values that have the filter value, use one of the following comparison operators:- To search for values that include the filter value, use
CONTAINS
. For example, the filterTitle CONTAINS CloudFront
matches findings that have aTitle
that includes the string CloudFront. - To search for values that exactly match the filter value, use
EQUALS
. For example, the filterAwsAccountId EQUALS 123456789012
only matches findings that have an account ID of123456789012
. - To search for values that start with the filter value, use
PREFIX
. For example, the filterResourceRegion PREFIX us
matches findings that have aResourceRegion
that starts withus
. AResourceRegion
that starts with a different value, such asaf
,ap
, orca
, doesn't match.
CONTAINS
,EQUALS
, andPREFIX
filters on the same field are joined byOR
. A finding matches if it matches any one of those filters. For example, the filtersTitle CONTAINS CloudFront OR Title CONTAINS CloudWatch
match a finding that includes eitherCloudFront
,CloudWatch
, or both strings in the title.To search for values that don’t have the filter value, use one of the following comparison operators:
- To search for values that exclude the filter value, use
NOT_CONTAINS
. For example, the filterTitle NOT_CONTAINS CloudFront
matches findings that have aTitle
that excludes the string CloudFront. - To search for values other than the filter value, use
NOT_EQUALS
. For example, the filterAwsAccountId NOT_EQUALS 123456789012
only matches findings that have an account ID other than123456789012
. - To search for values that don't start with the filter value, use
PREFIX_NOT_EQUALS
. For example, the filterResourceRegion PREFIX_NOT_EQUALS us
matches findings with aResourceRegion
that starts with a value other thanus
.
NOT_CONTAINS
,NOT_EQUALS
, andPREFIX_NOT_EQUALS
filters on the same field are joined byAND
. A finding matches only if it matches all of those filters. For example, the filtersTitle NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch
match a finding that excludes bothCloudFront
andCloudWatch
in the title.You can’t have both a
CONTAINS
filter and aNOT_CONTAINS
filter on the same field. Similarly, you can't provide both anEQUALS
filter and aNOT_EQUALS
orPREFIX_NOT_EQUALS
filter on the same field. Combining filters in this way returns an error.CONTAINS
filters can only be used with otherCONTAINS
filters.NOT_CONTAINS
filters can only be used with otherNOT_CONTAINS
filters.You can combine
PREFIX
filters withNOT_EQUALS
orPREFIX_NOT_EQUALS
filters for the same field. Security Hub first processes thePREFIX
filters, and then theNOT_EQUALS
orPREFIX_NOT_EQUALS
filters.For example, for the following filters, Security Hub first identifies findings that have resource types that start with either
AwsIam
orAwsEc2
. It then excludes findings that have a resource type ofAwsIamPolicy
and findings that have a resource type ofAwsEc2NetworkInterface
.ResourceType PREFIX AwsIam
ResourceType PREFIX AwsEc2
ResourceType NOT_EQUALS AwsIamPolicy
ResourceType NOT_EQUALS AwsEc2NetworkInterface
CONTAINS
andNOT_CONTAINS
operators can be used only with automation rules. For more information, see Automation rules in the AWS Security Hub User Guide .- To search for values that include the filter value, use
- Returns:
this
-
value
Sets the value ofCfnAutomationRule.StringFilterProperty.getValue()
- Parameters:
value
- The string filter value. This parameter is required. Filter values are case sensitive. For example, the product name for control-based findings isSecurity Hub
. If you providesecurity hub
as the filter value, there's no match.- Returns:
this
-
build
Builds the configured instance.- Specified by:
build
in interfacesoftware.amazon.jsii.Builder<CfnAutomationRule.StringFilterProperty>
- Returns:
- a new instance of
CfnAutomationRule.StringFilterProperty
- Throws:
NullPointerException
- if any required attribute was not provided
-