interface MapFilterProperty
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.SecurityHub.CfnAutomationRule.MapFilterProperty |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awssecurityhub#CfnAutomationRule_MapFilterProperty |
![]() | software.amazon.awscdk.services.securityhub.CfnAutomationRule.MapFilterProperty |
![]() | aws_cdk.aws_securityhub.CfnAutomationRule.MapFilterProperty |
![]() | aws-cdk-lib » aws_securityhub » CfnAutomationRule » MapFilterProperty |
A map filter for filtering AWS Security Hub findings.
Each map filter provides the field to check for, the value to check for, and the comparison operator.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_securityhub as securityhub } from 'aws-cdk-lib';
const mapFilterProperty: securityhub.CfnAutomationRule.MapFilterProperty = {
comparison: 'comparison',
key: 'key',
value: 'value',
};
Properties
Name | Type | Description |
---|---|---|
comparison | string | The condition to apply to the key value when filtering Security Hub findings with a map filter. |
key | string | The key of the map filter. |
value | string | The value for the key in the map filter. |
comparison
Type:
string
The condition to apply to the key value when filtering Security Hub findings with a map filter.
To search for values that have the filter value, use one of the following comparison operators:
- To search for values that include the filter value, use
CONTAINS
. For example, for theResourceTags
field, the filterDepartment CONTAINS Security
matches findings that include the valueSecurity
for theDepartment
tag. In the same example, a finding with a value ofSecurity team
for theDepartment
tag is a match. - To search for values that exactly match the filter value, use
EQUALS
. For example, for theResourceTags
field, the filterDepartment EQUALS Security
matches findings that have the valueSecurity
for theDepartment
tag.
CONTAINS
and EQUALS
filters on the same field are joined by OR
. A finding matches if it matches any one of those filters. For example, the filters Department CONTAINS Security OR Department CONTAINS Finance
match a finding that includes either Security
, Finance
, or both values.
To search for values that don't have the filter value, use one of the following comparison operators:
- To search for values that exclude the filter value, use
NOT_CONTAINS
. For example, for theResourceTags
field, the filterDepartment NOT_CONTAINS Finance
matches findings that exclude the valueFinance
for theDepartment
tag. - To search for values other than the filter value, use
NOT_EQUALS
. For example, for theResourceTags
field, the filterDepartment NOT_EQUALS Finance
matches findings that don’t have the valueFinance
for theDepartment
tag.
NOT_CONTAINS
and NOT_EQUALS
filters on the same field are joined by AND
. A finding matches only if it matches all of those filters. For example, the filters Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance
match a finding that excludes both the Security
and Finance
values.
CONTAINS
filters can only be used with other CONTAINS
filters. NOT_CONTAINS
filters can only be used with other NOT_CONTAINS
filters.
You can’t have both a CONTAINS
filter and a NOT_CONTAINS
filter on the same field. Similarly, you can’t have both an EQUALS
filter and a NOT_EQUALS
filter on the same field. Combining filters in this way returns an error.
CONTAINS
and NOT_CONTAINS
operators can be used only with automation rules. For more information, see Automation rules in the AWS Security Hub User Guide .
key
Type:
string
The key of the map filter.
For example, for ResourceTags
, Key
identifies the name of the tag. For UserDefinedFields
, Key
is the name of the field.
value
Type:
string
The value for the key in the map filter.
Filter values are case sensitive. For example, one of the values for a tag called Department
might be Security
. If you provide security
as the filter value, then there's no match.