AWS::InspectorV2::CisScanConfiguration - AWS CloudFormation

AWS::InspectorV2::CisScanConfiguration

The CIS scan configuration.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::InspectorV2::CisScanConfiguration", "Properties" : { "ScanName" : String, "Schedule" : Schedule, "SecurityLevel" : String, "Tags" : {Key: Value, ...}, "Targets" : CisTargets } }

YAML

Type: AWS::InspectorV2::CisScanConfiguration Properties: ScanName: String Schedule: Schedule SecurityLevel: String Tags: Key: Value Targets: CisTargets

Properties

ScanName

The name of the CIS scan configuration.

Required: Yes

Type: String

Minimum: 1

Update requires: No interruption

Schedule

The CIS scan configuration's schedule.

Required: Yes

Type: Schedule

Update requires: No interruption

SecurityLevel

The CIS scan configuration's CIS Benchmark level.

Required: Yes

Type: String

Allowed values: LEVEL_1 | LEVEL_2

Update requires: No interruption

Tags

The CIS scan configuration's tags.

Required: No

Type: Object of String

Pattern: ^.{2,127}$

Update requires: No interruption

Targets

The CIS scan configuration's targets.

Required: Yes

Type: CisTargets

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the ARN of the CIS scan configuration. For example:

arn:aws:inspector2:us-east-1:012345678901:owner/012345678901/cis-configuration/c1c0fe5d28e39baa

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn

The CIS scan configuration's scan configuration ARN.