Package software.amazon.awscdk.services.securityhub

Interface CfnAutomationRule.StringFilterProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnAutomationRule.StringFilterProperty.Jsii$Proxy

Enclosing class:

CfnAutomationRule

@Stability(Stable)
public static interface CfnAutomationRule.StringFilterProperty
extends software.amazon.jsii.JsiiSerializable

A string filter for filtering Security Hub findings.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.securityhub.*;
 StringFilterProperty stringFilterProperty = StringFilterProperty.builder()
         .comparison("comparison")
         .value("value")
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-stringfilter.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnAutomationRule.StringFilterProperty.Builder	A builder for CfnAutomationRule.StringFilterProperty
static final class	CfnAutomationRule.StringFilterProperty.Jsii$Proxy	An implementation for CfnAutomationRule.StringFilterProperty

Method Summary

Modifier and Type	Method	Description
static CfnAutomationRule.StringFilterProperty.Builder	builder()
String	getComparison()	The condition to apply to a string value when filtering Security Hub findings.
String	getValue()	The string filter value.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getComparison

@Stability(Stable)
@NotNull
String getComparison()

The condition to apply to a string value when filtering Security Hub findings.

To search for values that have the filter value, use one of the following comparison operators:

• To search for values that include the filter value, use CONTAINS . For example, the filter Title CONTAINS CloudFront matches findings that have a Title that includes the string CloudFront.
• To search for values that exactly match the filter value, use EQUALS . For example, the filter AwsAccountId EQUALS 123456789012 only matches findings that have an account ID of 123456789012 .
• To search for values that start with the filter value, use PREFIX . For example, the filter ResourceRegion PREFIX us matches findings that have a ResourceRegion that starts with us . A ResourceRegion that starts with a different value, such as af , ap , or ca , doesn't match.

CONTAINS , EQUALS , and PREFIX filters on the same field are joined by OR . A finding matches if it matches any one of those filters. For example, the filters Title CONTAINS CloudFront OR Title CONTAINS CloudWatch match a finding that includes either CloudFront , CloudWatch , or both strings in the title.

To search for values that don’t have the filter value, use one of the following comparison operators:

• To search for values that exclude the filter value, use NOT_CONTAINS . For example, the filter Title NOT_CONTAINS CloudFront matches findings that have a Title that excludes the string CloudFront.
• To search for values other than the filter value, use NOT_EQUALS . For example, the filter AwsAccountId NOT_EQUALS 123456789012 only matches findings that have an account ID other than 123456789012 .
• To search for values that don't start with the filter value, use PREFIX_NOT_EQUALS . For example, the filter ResourceRegion PREFIX_NOT_EQUALS us matches findings with a ResourceRegion that starts with a value other than us .

NOT_CONTAINS , NOT_EQUALS , and PREFIX_NOT_EQUALS filters on the same field are joined by AND . A finding matches only if it matches all of those filters. For example, the filters Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch match a finding that excludes both CloudFront and CloudWatch in the title.

You can’t have both a CONTAINS filter and a NOT_CONTAINS filter on the same field. Similarly, you can't provide both an EQUALS filter and a NOT_EQUALS or PREFIX_NOT_EQUALS filter on the same field. Combining filters in this way returns an error. CONTAINS filters can only be used with other CONTAINS filters. NOT_CONTAINS filters can only be used with other NOT_CONTAINS filters.

You can combine PREFIX filters with NOT_EQUALS or PREFIX_NOT_EQUALS filters for the same field. Security Hub first processes the PREFIX filters, and then the NOT_EQUALS or PREFIX_NOT_EQUALS filters.

For example, for the following filters, Security Hub first identifies findings that have resource types that start with either AwsIam or AwsEc2 . It then excludes findings that have a resource type of AwsIamPolicy and findings that have a resource type of AwsEc2NetworkInterface .

• ResourceType PREFIX AwsIam
• ResourceType PREFIX AwsEc2
• ResourceType NOT_EQUALS AwsIamPolicy
• ResourceType NOT_EQUALS AwsEc2NetworkInterface

CONTAINS and NOT_CONTAINS operators can be used only with automation rules V1. CONTAINS_WORD operator is only supported in GetFindingsV2 , GetFindingStatisticsV2 , GetResourcesV2 , and GetResourceStatisticsV2 APIs. For more information, see Automation rules in the Security Hub User Guide .

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-stringfilter.html#cfn-securityhub-automationrule-stringfilter-comparison

getValue

@Stability(Stable)
@NotNull
String getValue()

The string filter value.

Filter values are case sensitive. For example, the product name for control-based findings is Security Hub . If you provide security hub as the filter value, there's no match.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-stringfilter.html#cfn-securityhub-automationrule-stringfilter-value

builder

@Stability(Stable)
static CfnAutomationRule.StringFilterProperty.Builder builder()

Returns:

a CfnAutomationRule.StringFilterProperty.Builder of CfnAutomationRule.StringFilterProperty