pulumi-aws-native-kotlin/com.pulumi.awsnative.securityhub.kotlin.outputs/AutomationRulesFindingFilters

AutomationRulesFindingFilters

data class AutomationRulesFindingFilters(val awsAccountId: List<AutomationRuleStringFilter>? = null, val companyName: List<AutomationRuleStringFilter>? = null, val complianceAssociatedStandardsId: List<AutomationRuleStringFilter>? = null, val complianceSecurityControlId: List<AutomationRuleStringFilter>? = null, val complianceStatus: List<AutomationRuleStringFilter>? = null, val confidence: List<AutomationRuleNumberFilter>? = null, val createdAt: List<AutomationRuleDateFilter>? = null, val criticality: List<AutomationRuleNumberFilter>? = null, val description: List<AutomationRuleStringFilter>? = null, val firstObservedAt: List<AutomationRuleDateFilter>? = null, val generatorId: List<AutomationRuleStringFilter>? = null, val id: List<AutomationRuleStringFilter>? = null, val lastObservedAt: List<AutomationRuleDateFilter>? = null, val noteText: List<AutomationRuleStringFilter>? = null, val noteUpdatedAt: List<AutomationRuleDateFilter>? = null, val noteUpdatedBy: List<AutomationRuleStringFilter>? = null, val productArn: List<AutomationRuleStringFilter>? = null, val productName: List<AutomationRuleStringFilter>? = null, val recordState: List<AutomationRuleStringFilter>? = null, val relatedFindingsId: List<AutomationRuleStringFilter>? = null, val relatedFindingsProductArn: List<AutomationRuleStringFilter>? = null, val resourceDetailsOther: List<AutomationRuleMapFilter>? = null, val resourceId: List<AutomationRuleStringFilter>? = null, val resourcePartition: List<AutomationRuleStringFilter>? = null, val resourceRegion: List<AutomationRuleStringFilter>? = null, val resourceTags: List<AutomationRuleMapFilter>? = null, val resourceType: List<AutomationRuleStringFilter>? = null, val severityLabel: List<AutomationRuleStringFilter>? = null, val sourceUrl: List<AutomationRuleStringFilter>? = null, val title: List<AutomationRuleStringFilter>? = null, val type: List<AutomationRuleStringFilter>? = null, val updatedAt: List<AutomationRuleDateFilter>? = null, val userDefinedFields: List<AutomationRuleMapFilter>? = null, val verificationState: List<AutomationRuleStringFilter>? = null, val workflowStatus: List<AutomationRuleStringFilter>? = null)

The criteria that determine which findings a rule applies to.

Constructors

Types

Companion

object Companion

Properties

awsAccountId

val awsAccountId: List<AutomationRuleStringFilter>? = null

The AWS-account ID in which a finding was generated. Array Members: Minimum number of 1 item. Maximum number of 100 items.

companyName

val companyName: List<AutomationRuleStringFilter>? = null

The name of the company for the product that generated the finding. For control-based findings, the company is AWS. Array Members: Minimum number of 1 item. Maximum number of 20 items.

complianceAssociatedStandardsId

val complianceAssociatedStandardsId: List<AutomationRuleStringFilter>? = null

The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the DescribeStandards API response. Array Members: Minimum number of 1 item. Maximum number of 20 items.

complianceSecurityControlId

val complianceSecurityControlId: List<AutomationRuleStringFilter>? = null

The security control ID for which a finding was generated. Security control IDs are the same across standards. Array Members: Minimum number of 1 item. Maximum number of 20 items.

complianceStatus

val complianceStatus: List<AutomationRuleStringFilter>? = null

The result of a security check. This field is only used for findings generated from controls. Array Members: Minimum number of 1 item. Maximum number of 20 items.

confidence

val confidence: List<AutomationRuleNumberFilter>? = null

The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0–100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see Confidence in the User Guide. Array Members: Minimum number of 1 item. Maximum number of 20 items.

createdAt

val createdAt: List<AutomationRuleDateFilter>? = null

A timestamp that indicates when this finding record was created. For more information about the validation and formatting of timestamp fields in ASHlong, see Timestamps. Array Members: Minimum number of 1 item. Maximum number of 20 items.

criticality

val criticality: List<AutomationRuleNumberFilter>? = null

The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0–100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see Criticality in the User Guide. Array Members: Minimum number of 1 item. Maximum number of 20 items.

description

val description: List<AutomationRuleStringFilter>? = null

A finding's description. Array Members: Minimum number of 1 item. Maximum number of 20 items.

firstObservedAt

val firstObservedAt: List<AutomationRuleDateFilter>? = null

A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. For more information about the validation and formatting of timestamp fields in ASHlong, see Timestamps. Array Members: Minimum number of 1 item. Maximum number of 20 items.

generatorId

val generatorId: List<AutomationRuleStringFilter>? = null

The identifier for the solution-specific component that generated a finding. Array Members: Minimum number of 1 item. Maximum number of 100 items.

val id: List<AutomationRuleStringFilter>? = null

The product-specific identifier for a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.

lastObservedAt

val lastObservedAt: List<AutomationRuleDateFilter>? = null

A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding. For more information about the validation and formatting of timestamp fields in ASHlong, see Timestamps. Array Members: Minimum number of 1 item. Maximum number of 20 items.

noteText

val noteText: List<AutomationRuleStringFilter>? = null

The text of a user-defined note that's added to a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.

noteUpdatedAt

val noteUpdatedAt: List<AutomationRuleDateFilter>? = null

The timestamp of when the note was updated. For more information about the validation and formatting of timestamp fields in ASHlong, see Timestamps. Array Members: Minimum number of 1 item. Maximum number of 20 items.

noteUpdatedBy

val noteUpdatedBy: List<AutomationRuleStringFilter>? = null

The principal that created a note. Array Members: Minimum number of 1 item. Maximum number of 20 items.

productArn

val productArn: List<AutomationRuleStringFilter>? = null

The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Array Members: Minimum number of 1 item. Maximum number of 20 items.

productName

val productName: List<AutomationRuleStringFilter>? = null

Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Array Members: Minimum number of 1 item. Maximum number of 20 items.

recordState

val recordState: List<AutomationRuleStringFilter>? = null

Provides the current state of a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.

relatedFindingsId

The product-generated identifier for a related finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.

relatedFindingsProductArn

The ARN for the product that generated a related finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.

resourceDetailsOther

val resourceDetailsOther: List<AutomationRuleMapFilter>? = null

Custom fields and values about the resource that a finding pertains to. Array Members: Minimum number of 1 item. Maximum number of 20 items.

resourceId

val resourceId: List<AutomationRuleStringFilter>? = null

The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS-service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. Array Members: Minimum number of 1 item. Maximum number of 100 items.

resourcePartition

val resourcePartition: List<AutomationRuleStringFilter>? = null

The partition in which the resource that the finding pertains to is located. A partition is a group of AWS-Regions. Each AWS-account is scoped to one partition. Array Members: Minimum number of 1 item. Maximum number of 20 items.

resourceRegion

val resourceRegion: List<AutomationRuleStringFilter>? = null

The AWS-Region where the resource that a finding pertains to is located. Array Members: Minimum number of 1 item. Maximum number of 20 items.

resourceTags

val resourceTags: List<AutomationRuleMapFilter>? = null

A list of AWS tags associated with a resource at the time the finding was processed. Array Members: Minimum number of 1 item. Maximum number of 20 items.

resourceType

val resourceType: List<AutomationRuleStringFilter>? = null

A finding's title. Array Members: Minimum number of 1 item. Maximum number of 100 items.

severityLabel

val severityLabel: List<AutomationRuleStringFilter>? = null

The severity value of the finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.

sourceUrl

val sourceUrl: List<AutomationRuleStringFilter>? = null

Provides a URL that links to a page about the current finding in the finding product. Array Members: Minimum number of 1 item. Maximum number of 20 items.

title

val title: List<AutomationRuleStringFilter>? = null

A finding's title. Array Members: Minimum number of 1 item. Maximum number of 100 items.

type

val type: List<AutomationRuleStringFilter>? = null

One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see Types taxonomy for ASFF in the User Guide. Array Members: Minimum number of 1 item. Maximum number of 20 items.

updatedAt

val updatedAt: List<AutomationRuleDateFilter>? = null

A timestamp that indicates when the finding record was most recently updated. For more information about the validation and formatting of timestamp fields in ASHlong, see Timestamps. Array Members: Minimum number of 1 item. Maximum number of 20 items.

userDefinedFields

val userDefinedFields: List<AutomationRuleMapFilter>? = null

A list of user-defined name and value string pairs added to a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.

verificationState

val verificationState: List<AutomationRuleStringFilter>? = null

Provides the veracity of a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.

workflowStatus

val workflowStatus: List<AutomationRuleStringFilter>? = null

Provides information about the status of the investigation into a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.