You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::SecurityHub::Types::StringFilter
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::StringFilter
- Defined in:
- (unknown)
Overview
When passing StringFilter as input to an Aws::Client method, you can use a vanilla Hash:
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
}
A string filter for querying findings.
Instance Attribute Summary collapse
-
#comparison ⇒ String
The condition to apply to a string value when querying for findings.
-
#value ⇒ String
The string filter value.
Instance Attribute Details
#comparison ⇒ String
The condition to apply to a string value when querying for findings. To search for values that contain the filter criteria value, use one of the following comparison operators:
To search for values that exactly match the filter value, use
EQUALS
.For example, the filter
ResourceType EQUALS AwsEc2SecurityGroup
only matches findings that have a resource type ofAwsEc2SecurityGroup
.To search for values that start with the filter value, use
PREFIX
.For example, the filter
ResourceType PREFIX AwsIam
matches findings that have a resource type that starts withAwsIam
. Findings with a resource type ofAwsIamPolicy
,AwsIamRole
, orAwsIamUser
would all match.
EQUALS
and PREFIX
filters on the same field are joined by OR
. A
finding matches if it matches any one of those filters.
To search for values that do not contain the filter criteria value, use one of the following comparison operators:
To search for values that do not exactly match the filter value, use
NOT_EQUALS
.For example, the filter
ResourceType NOT_EQUALS AwsIamPolicy
matches findings that have a resource type other thanAwsIamPolicy
.To search for values that do not start with the filter value, use
PREFIX_NOT_EQUALS
.For example, the filter
ResourceType PREFIX_NOT_EQUALS AwsIam
matches findings that have a resource type that does not start withAwsIam
. Findings with a resource type ofAwsIamPolicy
,AwsIamRole
, orAwsIamUser
would all be excluded from the results.
NOT_EQUALS
and PREFIX_NOT_EQUALS
filters on the same field are
joined by AND
. A finding matches only if it matches all of those
filters.
For filters on the same field, you cannot provide both an EQUALS
filter and a NOT_EQUALS
or PREFIX_NOT_EQUALS
filter. Combining
filters in this way always returns an error, even if the provided filter
values would return valid results.
You can combine PREFIX
filters with NOT_EQUALS
or
PREFIX_NOT_EQUALS
filters for the same field. Security Hub first
processes the PREFIX
filters, then the NOT_EQUALS
or
PREFIX_NOT_EQUALS
filters.
For example, for the following filter, Security Hub first identifies
findings that have resource types that start with either AwsIAM
or
AwsEc2
. It then excludes findings that have a resource type of
AwsIamPolicy
and findings that have a resource type of
AwsEc2NetworkInterface
.
ResourceType PREFIX AwsIam
ResourceType PREFIX AwsEc2
ResourceType NOT_EQUALS AwsIamPolicy
ResourceType NOT_EQUALS AwsEc2NetworkInterface
Possible values:
- EQUALS
- PREFIX
- NOT_EQUALS
- PREFIX_NOT_EQUALS
#value ⇒ String
The string filter value. Filter values are case sensitive. For example,
the product name for control-based findings is Security Hub
. If you
provide security hub
as the filter text, then there is no match.