/AWS1/CL_SHB=>UPDATECONFIGURATIONPOLICY()¶
About UpdateConfigurationPolicy¶
Updates a configuration policy. Only the Security Hub delegated administrator can invoke this operation from the home Region.
Method Signature¶
IMPORTING¶
Required arguments:¶
IV_IDENTIFIER TYPE /AWS1/SHBNONEMPTYSTRING /AWS1/SHBNONEMPTYSTRING¶
The Amazon Resource Name (ARN) or universally unique identifier (UUID) of the configuration policy.
Optional arguments:¶
IV_NAME TYPE /AWS1/SHBNONEMPTYSTRING /AWS1/SHBNONEMPTYSTRING¶
The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted:
-, ., !, *, /.
IV_DESCRIPTION TYPE /AWS1/SHBNONEMPTYSTRING /AWS1/SHBNONEMPTYSTRING¶
The description of the configuration policy.
IV_UPDATEDREASON TYPE /AWS1/SHBNONEMPTYSTRING /AWS1/SHBNONEMPTYSTRING¶
The reason for updating the configuration policy.
IO_CONFIGURATIONPOLICY TYPE REF TO /AWS1/CL_SHBPOLICY /AWS1/CL_SHBPOLICY¶
An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
When updating a configuration policy, provide a complete list of standards that you want to enable and a complete list of controls that you want to enable or disable. The updated configuration replaces the current configuration.