pulumi-aws-kotlin/com.pulumi.aws.securityhub.kotlin/Insight

Insight

class Insight : KotlinCustomResource

Provides a Security Hub custom insight resource. See the Managing custom insights section of the AWS User Guide for more information.

Example Usage

Filter by AWS account ID

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleAccount = new Account("exampleAccount");
        var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
            .filters(InsightFiltersArgs.builder()
                .awsAccountIds(
                    InsightFiltersAwsAccountIdArgs.builder()
                        .comparison("EQUALS")
                        .value("1234567890")
                        .build(),
                    InsightFiltersAwsAccountIdArgs.builder()
                        .comparison("EQUALS")
                        .value("09876543210")
                        .build())
                .build())
            .groupByAttribute("AwsAccountId")
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleAccount)
                .build());
    }
}
Content copied to clipboard

Filter by date range

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleAccount = new Account("exampleAccount");
        var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
            .filters(InsightFiltersArgs.builder()
                .createdAts(InsightFiltersCreatedAtArgs.builder()
                    .dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()
                        .unit("DAYS")
                        .value(5)
                        .build())
                    .build())
                .build())
            .groupByAttribute("CreatedAt")
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleAccount)
                .build());
    }
}
Content copied to clipboard

Filter by destination IPv4 address

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleAccount = new Account("exampleAccount");
        var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
            .filters(InsightFiltersArgs.builder()
                .networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()
                    .cidr("10.0.0.0/16")
                    .build())
                .build())
            .groupByAttribute("NetworkDestinationIpV4")
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleAccount)
                .build());
    }
}
Content copied to clipboard

Filter by finding's confidence

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleAccount = new Account("exampleAccount");
        var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
            .filters(InsightFiltersArgs.builder()
                .confidences(InsightFiltersConfidenceArgs.builder()
                    .gte("80")
                    .build())
                .build())
            .groupByAttribute("Confidence")
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleAccount)
                .build());
    }
}
Content copied to clipboard

Filter by resource tags

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleAccount = new Account("exampleAccount");
        var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
            .filters(InsightFiltersArgs.builder()
                .resourceTags(InsightFiltersResourceTagArgs.builder()
                    .comparison("EQUALS")
                    .key("Environment")
                    .value("Production")
                    .build())
                .build())
            .groupByAttribute("ResourceTags")
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleAccount)
                .build());
    }
}
Content copied to clipboard

Import

Security Hub insights can be imported using the ARN, e.g.,

$ pulumi import aws:securityhub/insight:Insight example arn:aws:securityhub:us-west-2:1234567890:insight/1234567890/custom/91299ed7-abd0-4e44-a858-d0b15e37141a
Content copied to clipboard

Properties

Link copied to clipboard
val arn: Output<String>

ARN of the insight.

Link copied to clipboard
val filters: Output<InsightFilters>

A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.

Link copied to clipboard
val groupByAttribute: Output<String>

The attribute used to group the findings for the insight e.g., if an insight is grouped by ResourceId, then the insight produces a list of resource identifiers.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val name: Output<String>

The name of the custom insight.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val urn: Output<String>