Package-level declarations

The `AWS::SecurityHub::AutomationRule` resource specifies an automation rule based on input parameters. For more information, see Automation rules in the User Guide.

The `AWS::SecurityHub::AutomationRule` resource specifies an automation rule based on input parameters. For more information, see Automation rules in the User Guide.

Builder for AutomationRuleArgs.

Builder for AutomationRule.

The AWS::SecurityHub::ConfigurationPolicy resource represents the Central Configuration Policy in your account.

The AWS::SecurityHub::ConfigurationPolicy resource represents the Central Configuration Policy in your account.

Builder for ConfigurationPolicyArgs.

Builder for ConfigurationPolicy.

The `AWS::SecurityHub::DelegatedAdmin` resource designates the delegated ASHlong administrator account for an organization. You must enable the integration between ASH and AOlong before you can designate a delegated ASH administrator. Only the management account for an organization can designate the delegated ASH administrator account. For more information, see Designating the delegated administrator in the User Guide. To change the delegated administrator account, remove the current delegated administrator account, and then designate the new account. To designate multiple delegated administrators in different organizations and AWS-Regions, we recommend using mappings. Tags aren't supported for this resource.

The `AWS::SecurityHub::DelegatedAdmin` resource designates the delegated ASHlong administrator account for an organization. You must enable the integration between ASH and AOlong before you can designate a delegated ASH administrator. Only the management account for an organization can designate the delegated ASH administrator account. For more information, see Designating the delegated administrator in the User Guide. To change the delegated administrator account, remove the current delegated administrator account, and then designate the new account. To designate multiple delegated administrators in different organizations and AWS-Regions, we recommend using mappings. Tags aren't supported for this resource.

Builder for DelegatedAdminArgs.

Builder for DelegatedAdmin.

The `AWS::SecurityHub::FindingAggregator` resource enables cross-Region aggregation. When cross-Region aggregation is enabled, you can aggregate findings, finding updates, insights, control compliance statuses, and security scores from one or more linked Regions to a single aggregation Region. You can then view and manage all of this data from the aggregation Region. For more details about cross-Region aggregation, see Cross-Region aggregation in the User Guide This resource must be created in the Region that you want to designate as your aggregation Region. Cross-Region aggregation is also a prerequisite for using central configuration in ASH.

The `AWS::SecurityHub::FindingAggregator` resource enables cross-Region aggregation. When cross-Region aggregation is enabled, you can aggregate findings, finding updates, insights, control compliance statuses, and security scores from one or more linked Regions to a single aggregation Region. You can then view and manage all of this data from the aggregation Region. For more details about cross-Region aggregation, see Cross-Region aggregation in the User Guide This resource must be created in the Region that you want to designate as your aggregation Region. Cross-Region aggregation is also a prerequisite for using central configuration in ASH.

Builder for FindingAggregatorArgs.

Builder for FindingAggregator.

The AWS::SecurityHub::Hub resource represents the implementation of the AWS Security Hub service in your account. One hub resource is created for each Region in which you enable Security Hub.

The AWS::SecurityHub::Hub resource represents the implementation of the AWS Security Hub service in your account. One hub resource is created for each Region in which you enable Security Hub.

Builder for HubArgs.

Builder for Hub.

The AWS::SecurityHub::Insight resource represents the AWS Security Hub Insight in your account. An AWS Security Hub insight is a collection of related findings.

The AWS::SecurityHub::Insight resource represents the AWS Security Hub Insight in your account. An AWS Security Hub insight is a collection of related findings.

Builder for InsightArgs.

Builder for Insight.

The AWS::SecurityHub::OrganizationConfiguration resource represents the configuration of your organization in Security Hub. Only the Security Hub administrator account can create Organization Configuration resource in each region and can opt-in to Central Configuration only in the aggregation region of FindingAggregator.

The AWS::SecurityHub::OrganizationConfiguration resource represents the configuration of your organization in Security Hub. Only the Security Hub administrator account can create Organization Configuration resource in each region and can opt-in to Central Configuration only in the aggregation region of FindingAggregator.

Builder for OrganizationConfigurationArgs.

Builder for OrganizationConfiguration.

The AWS::SecurityHub::PolicyAssociation resource represents the AWS Security Hub Central Configuration Policy associations in your Target. Only the AWS Security Hub delegated administrator can create the resouce from the home region.

The AWS::SecurityHub::PolicyAssociation resource represents the AWS Security Hub Central Configuration Policy associations in your Target. Only the AWS Security Hub delegated administrator can create the resouce from the home region.

Builder for PolicyAssociationArgs.

Builder for PolicyAssociation.

The AWS::SecurityHub::ProductSubscription resource represents a subscription to a service that is allowed to generate findings for your Security Hub account. One product subscription resource is created for each product enabled.

The AWS::SecurityHub::ProductSubscription resource represents a subscription to a service that is allowed to generate findings for your Security Hub account. One product subscription resource is created for each product enabled.

Builder for ProductSubscriptionArgs.

Builder for ProductSubscription.

A security control in Security Hub describes a security best practice related to a specific resource.

A security control in Security Hub describes a security best practice related to a specific resource.

Builder for SecurityControlArgs.

Builder for SecurityControl.

The `AWS::SecurityHub::Standard` resource specifies the enablement of a security standard. The standard is identified by the `StandardsArn` property. To view a list of ASH standards and their Amazon Resource Names (ARNs), use the DescribeStandards API operation. You must create a separate `AWS::SecurityHub::Standard` resource for each standard that you want to enable. For more information about ASH standards, see standards reference in the User Guide.

The `AWS::SecurityHub::Standard` resource specifies the enablement of a security standard. The standard is identified by the `StandardsArn` property. To view a list of ASH standards and their Amazon Resource Names (ARNs), use the DescribeStandards API operation. You must create a separate `AWS::SecurityHub::Standard` resource for each standard that you want to enable. For more information about ASH standards, see standards reference in the User Guide.

Builder for StandardArgs.

Builder for Standard.