Package software.amazon.awscdk.services.securityhub

Interface CfnConfigurationPolicy.SecurityHubPolicyProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnConfigurationPolicy.SecurityHubPolicyProperty.Jsii$Proxy

Enclosing class:

CfnConfigurationPolicy

@Stability(Stable)
public static interface CfnConfigurationPolicy.SecurityHubPolicyProperty
extends software.amazon.jsii.JsiiSerializable

An object that defines how AWS Security Hub is configured.

The configuration policy includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.securityhub.*;
 SecurityHubPolicyProperty securityHubPolicyProperty = SecurityHubPolicyProperty.builder()
         .enabledStandardIdentifiers(List.of("enabledStandardIdentifiers"))
         .securityControlsConfiguration(SecurityControlsConfigurationProperty.builder()
                 .disabledSecurityControlIdentifiers(List.of("disabledSecurityControlIdentifiers"))
                 .enabledSecurityControlIdentifiers(List.of("enabledSecurityControlIdentifiers"))
                 .securityControlCustomParameters(List.of(SecurityControlCustomParameterProperty.builder()
                         .parameters(Map.of(
                                 "parametersKey", ParameterConfigurationProperty.builder()
                                         .valueType("valueType")
                                         // the properties below are optional
                                         .value(ParameterValueProperty.builder()
                                                 .boolean(false)
                                                 .double(123)
                                                 .enum("enum")
                                                 .enumList(List.of("enumList"))
                                                 .integer(123)
                                                 .integerList(List.of(123))
                                                 .string("string")
                                                 .stringList(List.of("stringList"))
                                                 .build())
                                         .build()))
                         .securityControlId("securityControlId")
                         .build()))
                 .build())
         .serviceEnabled(false)
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-configurationpolicy-securityhubpolicy.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnConfigurationPolicy.SecurityHubPolicyProperty.Builder	A builder for CfnConfigurationPolicy.SecurityHubPolicyProperty
static final class	CfnConfigurationPolicy.SecurityHubPolicyProperty.Jsii$Proxy	An implementation for CfnConfigurationPolicy.SecurityHubPolicyProperty

Method Summary

Modifier and Type	Method	Description
static CfnConfigurationPolicy.SecurityHubPolicyProperty.Builder	builder()
default List<String>	getEnabledStandardIdentifiers()	A list that defines which security standards are enabled in the configuration policy.
default Object	getSecurityControlsConfiguration()	An object that defines which security controls are enabled in the configuration policy.
default Object	getServiceEnabled()	Indicates whether Security Hub is enabled in the policy.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getEnabledStandardIdentifiers

@Stability(Stable)
@Nullable
default List<String> getEnabledStandardIdentifiers()

A list that defines which security standards are enabled in the configuration policy.

This property is required only if ServiceEnabled is set to true in your configuration policy.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-configurationpolicy-securityhubpolicy.html#cfn-securityhub-configurationpolicy-securityhubpolicy-enabledstandardidentifiers

getSecurityControlsConfiguration

@Stability(Stable)
@Nullable
default Object getSecurityControlsConfiguration()

An object that defines which security controls are enabled in the configuration policy.

The enablement status of a control is aligned across all of the enabled standards in an account.

This property is required only if ServiceEnabled is set to true in your configuration policy.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-configurationpolicy-securityhubpolicy.html#cfn-securityhub-configurationpolicy-securityhubpolicy-securitycontrolsconfiguration

getServiceEnabled

@Stability(Stable)
@Nullable
default Object getServiceEnabled()

Indicates whether Security Hub is enabled in the policy.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-configurationpolicy-securityhubpolicy.html#cfn-securityhub-configurationpolicy-securityhubpolicy-serviceenabled

builder

@Stability(Stable)
static CfnConfigurationPolicy.SecurityHubPolicyProperty.Builder builder()

Returns:

a CfnConfigurationPolicy.SecurityHubPolicyProperty.Builder of CfnConfigurationPolicy.SecurityHubPolicyProperty