AWS::InspectorV2::CisScanConfiguration
The CIS scan configuration.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::InspectorV2::CisScanConfiguration", "Properties" : { "ScanName" :String, "Schedule" :Schedule, "SecurityLevel" :String, "Tags" :{, "Targets" :Key:Value, ...}CisTargets} }
YAML
Type: AWS::InspectorV2::CisScanConfiguration Properties: ScanName:StringSchedule:ScheduleSecurityLevel:StringTags:Targets:Key:ValueCisTargets
Properties
ScanName-
The name of the CIS scan configuration.
Required: Yes
Type: String
Minimum:
1Update requires: No interruption
Schedule-
The CIS scan configuration's schedule.
Required: Yes
Type: Schedule
Update requires: No interruption
SecurityLevel-
The CIS scan configuration's CIS Benchmark level.
Required: Yes
Type: String
Allowed values:
LEVEL_1 | LEVEL_2Update requires: No interruption
-
The CIS scan configuration's tags.
Required: No
Type: Object of String
Pattern:
^.{2,127}$Update requires: No interruption
Targets-
The CIS scan configuration's targets.
Required: Yes
Type: CisTargets
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the ARN of the CIS scan configuration. For example:
arn:aws:inspector2:us-east-1:012345678901:owner/012345678901/cis-configuration/c1c0fe5d28e39baa
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
Arn-
The CIS scan configuration's scan configuration ARN.
