CfnConfigurationPolicyProps
- class aws_cdk.aws_securityhub.CfnConfigurationPolicyProps(*, configuration_policy, name, description=None, tags=None)
Bases:
object
Properties for defining a
CfnConfigurationPolicy
.- Parameters:
configuration_policy (
Union
[IResolvable
,PolicyProperty
,Dict
[str
,Any
]]) – An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).name (
str
) – The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted:-, ., !, *, /
.description (
Optional
[str
]) – The description of the configuration policy.tags (
Optional
[Mapping
[str
,str
]]) – User-defined tags associated with a configuration policy. For more information, see Tagging AWS Security Hub resources in the Security Hub user guide .
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_securityhub as securityhub cfn_configuration_policy_props = securityhub.CfnConfigurationPolicyProps( configuration_policy=securityhub.CfnConfigurationPolicy.PolicyProperty( security_hub=securityhub.CfnConfigurationPolicy.SecurityHubPolicyProperty( enabled_standard_identifiers=["enabledStandardIdentifiers"], security_controls_configuration=securityhub.CfnConfigurationPolicy.SecurityControlsConfigurationProperty( disabled_security_control_identifiers=["disabledSecurityControlIdentifiers"], enabled_security_control_identifiers=["enabledSecurityControlIdentifiers"], security_control_custom_parameters=[securityhub.CfnConfigurationPolicy.SecurityControlCustomParameterProperty( parameters={ "parameters_key": securityhub.CfnConfigurationPolicy.ParameterConfigurationProperty( value_type="valueType", # the properties below are optional value=securityhub.CfnConfigurationPolicy.ParameterValueProperty( boolean=False, double=123, enum="enum", enum_list=["enumList"], integer=123, integer_list=[123], string="string", string_list=["stringList"] ) ) }, security_control_id="securityControlId" )] ), service_enabled=False ) ), name="name", # the properties below are optional description="description", tags={ "tags_key": "tags" } )
Attributes
- configuration_policy
An object that defines how AWS Security Hub is configured.
It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
- description
The description of the configuration policy.
- name
The name of the configuration policy.
Alphanumeric characters and the following ASCII characters are permitted:
-, ., !, *, /
.
- tags
User-defined tags associated with a configuration policy.
For more information, see Tagging AWS Security Hub resources in the Security Hub user guide .