pulumi-aws-kotlin/com.pulumi.aws.securityhub.kotlin/StandardsControl

StandardsControl

class StandardsControl : KotlinCustomResource

Disable/enable Security Hub standards control in the current region. The aws.securityhub.StandardsControl behaves differently from normal resources, in that The provider does not create this resource, but instead "adopts" it into management. When you delete this resource configuration, the provider "abandons" resource as is and just removes it from the state.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.StandardsSubscription;
import com.pulumi.aws.securityhub.StandardsSubscriptionArgs;
import com.pulumi.aws.securityhub.StandardsControl;
import com.pulumi.aws.securityhub.StandardsControlArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Account("example");
        var cisAwsFoundationsBenchmark = new StandardsSubscription("cisAwsFoundationsBenchmark", StandardsSubscriptionArgs.builder()
            .standardsArn("arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0")
            .build(), CustomResourceOptions.builder()
                .dependsOn(example)
                .build());
        var ensureIamPasswordPolicyPreventsPasswordReuse = new StandardsControl("ensureIamPasswordPolicyPreventsPasswordReuse", StandardsControlArgs.builder()
            .standardsControlArn("arn:aws:securityhub:us-east-1:111111111111:control/cis-aws-foundations-benchmark/v/1.2.0/1.10")
            .controlStatus("DISABLED")
            .disabledReason("We handle password policies within Okta")
            .build(), CustomResourceOptions.builder()
                .dependsOn(cisAwsFoundationsBenchmark)
                .build());
    }
}
Content copied to clipboard

Properties

Link copied to clipboard
val controlId: Output<String>

The identifier of the security standard control.

Link copied to clipboard
val controlStatus: Output<String>

The control status could be ENABLED or DISABLED. You have to specify disabled_reason argument for DISABLED control status.

Link copied to clipboard
val controlStatusUpdatedAt: Output<String>

The date and time that the status of the security standard control was most recently updated.

Link copied to clipboard
val description: Output<String>

The standard control longer description. Provides information about what the control is checking for.

Link copied to clipboard
val disabledReason: Output<String>

A description of the reason why you are disabling a security standard control. If you specify this attribute, control_status will be set to DISABLED automatically.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val relatedRequirements: Output<List<String>>

The list of requirements that are related to this control.

Link copied to clipboard
val remediationUrl: Output<String>

A link to remediation information for the control in the Security Hub user documentation.

Link copied to clipboard
val severityRating: Output<String>

The severity of findings generated from this security standard control.

Link copied to clipboard
val standardsControlArn: Output<String>

The standards control ARN.

Link copied to clipboard
val title: Output<String>

The standard control title.

Link copied to clipboard
val urn: Output<String>