Class: Aws::AuditManager::Types::SourceKeyword

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-auditmanager/lib/aws-sdk-auditmanager/types.rb

Overview

Note:

When making an API call, you may pass SourceKeyword data as a hash:

{
  keyword_input_type: "SELECT_FROM_LIST", # accepts SELECT_FROM_LIST
  keyword_value: "KeywordValue",
}

The keyword to search for in CloudTrail logs, Config rules, Security Hub checks, and Amazon Web Services API names.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#keyword_input_typeString

The input method for the keyword.

Returns:

  • (String)


4382
4383
4384
4385
4386
4387
# File 'gems/aws-sdk-auditmanager/lib/aws-sdk-auditmanager/types.rb', line 4382

class SourceKeyword < Struct.new(
  :keyword_input_type,
  :keyword_value)
  SENSITIVE = []
  include Aws::Structure
end

#keyword_valueString

The value of the keyword that's used when mapping a control data source. For example, this can be a CloudTrail event name, a rule name for Config, a Security Hub control, or the name of an Amazon Web Services API call.

If you’re mapping a data source to a rule in Config, the keywordValue that you specify depends on the type of rule:

  • For managed rules, you can use the rule identifier as the keywordValue. You can find the rule identifier from the list of Config managed rules.

  • For custom rules, you form the keywordValue by adding the Custom_ prefix to the rule name. This prefix distinguishes the rule from a managed rule.

    • Custom rule name: my-custom-config-rule

      keywordValue: Custom_my-custom-config-rule

  • For service-linked rules, you form the keywordValue by adding the Custom_ prefix to the rule name. In addition, you remove the suffix ID that appears at the end of the rule name.

    • Service-linked rule name: CustomRuleForAccount-conformance-pack-szsm1uv0w

      keywordValue: Custom_CustomRuleForAccount-conformance-pack

    • Service-linked rule name: securityhub-api-gw-cache-encrypted-101104e1

      keywordValue: Custom_securityhub-api-gw-cache-encrypted

    • Service-linked rule name: OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba

      keywordValue: Custom_OrgConfigRule-s3-bucket-versioning-enabled

Returns:

  • (String)


4382
4383
4384
4385
4386
4387
# File 'gems/aws-sdk-auditmanager/lib/aws-sdk-auditmanager/types.rb', line 4382

class SourceKeyword < Struct.new(
  :keyword_input_type,
  :keyword_value)
  SENSITIVE = []
  include Aws::Structure
end