Class: Aws::SecurityHub::Types::AutomationRulesConfig
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::AutomationRulesConfig
- Defined in:
- gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb
Overview
Defines the configuration of an automation rule.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#actions ⇒ Array<Types::AutomationRulesAction>
One or more actions to update finding fields if a finding matches the defined criteria of the rule.
-
#created_at ⇒ Time
A timestamp that indicates when the rule was created.
-
#created_by ⇒ String
The principal that created a rule.
-
#criteria ⇒ Types::AutomationRulesFindingFilters
A set of [Amazon Web Services Security Finding Format][1] finding field attributes and corresponding expected values that Security Hub uses to filter findings.
-
#description ⇒ String
A description of the rule.
-
#is_terminal ⇒ Boolean
Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria.
-
#rule_arn ⇒ String
The Amazon Resource Name (ARN) of a rule.
-
#rule_name ⇒ String
The name of the rule.
-
#rule_order ⇒ Integer
An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings.
-
#rule_status ⇒ String
Whether the rule is active after it is created.
-
#updated_at ⇒ Time
A timestamp that indicates when the rule was most recently updated.
Instance Attribute Details
#actions ⇒ Array<Types::AutomationRulesAction>
One or more actions to update finding fields if a finding matches the defined criteria of the rule.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#created_at ⇒ Time
A timestamp that indicates when the rule was created.
This field accepts only the specified formats. Timestamps can end
with Z
or ("+" / "-") time-hour [":" time-minute]
. The
time-secfrac after seconds is limited to a maximum of 9 digits. The
offset is bounded by +/-18:00. Here are valid timestamp formats with
examples:
YYYY-MM-DDTHH:MM:SSZ
(for example,2019-01-31T23:00:00Z
)YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ
(for example,2019-01-31T23:00:00.123456789Z
)YYYY-MM-DDTHH:MM:SS+HH:MM
(for example,2024-01-04T15:25:10+17:59
)YYYY-MM-DDTHH:MM:SS-HHMM
(for example,2024-01-04T15:25:10-1759
)YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM
(for example,2024-01-04T15:25:10.123456789+17:59
)
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#created_by ⇒ String
The principal that created a rule.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#criteria ⇒ Types::AutomationRulesFindingFilters
A set of Amazon Web Services Security Finding Format finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the conditions specified in this parameter, Security Hub applies the rule action to the finding.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#description ⇒ String
A description of the rule.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#is_terminal ⇒ Boolean
Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#rule_arn ⇒ String
The Amazon Resource Name (ARN) of a rule.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#rule_name ⇒ String
The name of the rule.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#rule_order ⇒ Integer
An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#rule_status ⇒ String
Whether the rule is active after it is created. If this parameter is
equal to ENABLED
, Security Hub starts applying the rule to
findings and finding updates after the rule is created.
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#updated_at ⇒ Time
A timestamp that indicates when the rule was most recently updated.
This field accepts only the specified formats. Timestamps can end
with Z
or ("+" / "-") time-hour [":" time-minute]
. The
time-secfrac after seconds is limited to a maximum of 9 digits. The
offset is bounded by +/-18:00. Here are valid timestamp formats with
examples:
YYYY-MM-DDTHH:MM:SSZ
(for example,2019-01-31T23:00:00Z
)YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ
(for example,2019-01-31T23:00:00.123456789Z
)YYYY-MM-DDTHH:MM:SS+HH:MM
(for example,2024-01-04T15:25:10+17:59
)YYYY-MM-DDTHH:MM:SS-HHMM
(for example,2024-01-04T15:25:10-1759
)YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM
(for example,2024-01-04T15:25:10.123456789+17:59
)
557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 557 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |