/AWS1/CL_SHB=>UPDATECONFIGURATIONPOLICY()
¶
About UpdateConfigurationPolicy¶
Updates a configuration policy. Only the Security Hub delegated administrator can invoke this operation from the home Region.
Method Signature¶
IMPORTING¶
Required arguments:¶
IV_IDENTIFIER
TYPE /AWS1/SHBNONEMPTYSTRING
/AWS1/SHBNONEMPTYSTRING
¶
The Amazon Resource Name (ARN) or universally unique identifier (UUID) of the configuration policy.
Optional arguments:¶
IV_NAME
TYPE /AWS1/SHBNONEMPTYSTRING
/AWS1/SHBNONEMPTYSTRING
¶
The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted:
-, ., !, *, /
.
IV_DESCRIPTION
TYPE /AWS1/SHBNONEMPTYSTRING
/AWS1/SHBNONEMPTYSTRING
¶
The description of the configuration policy.
IV_UPDATEDREASON
TYPE /AWS1/SHBNONEMPTYSTRING
/AWS1/SHBNONEMPTYSTRING
¶
The reason for updating the configuration policy.
IO_CONFIGURATIONPOLICY
TYPE REF TO /AWS1/CL_SHBPOLICY
/AWS1/CL_SHBPOLICY
¶
An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
When updating a configuration policy, provide a complete list of standards that you want to enable and a complete list of controls that you want to enable or disable. The updated configuration replaces the current configuration.