pulumi-aws-kotlin/com.pulumi.aws.securityhub.kotlin/AccountArgs

AccountArgs

data class AccountArgs(val autoEnableControls: Output<Boolean>? = null, val controlFindingGenerator: Output<String>? = null, val enableDefaultStandards: Output<Boolean>? = null) : ConvertibleToJava<AccountArgs>

Enables Security Hub for this AWS account.

NOTE: Destroying this resource will disable Security Hub for this AWS account.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Account("example");
    }
}
Content copied to clipboard

Import

Using pulumi import, import an existing Security Hub enabled account using the AWS account ID. For example:

$ pulumi import aws:securityhub/account:Account example 123456789012
Content copied to clipboard

Constructors

Link copied to clipboard
fun AccountArgs(autoEnableControls: Output<Boolean>? = null, controlFindingGenerator: Output<String>? = null, enableDefaultStandards: Output<Boolean>? = null)

Functions

Link copied to clipboard
open override fun toJava(): AccountArgs

Properties

Link copied to clipboard
val autoEnableControls: Output<Boolean>? = null

Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false.

Link copied to clipboard
val controlFindingGenerator: Output<String>? = null

Updates whether the calling account has consolidated control findings turned on. If the value for this field is set to SECURITY_CONTROL, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to STANDARD_CONTROL, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. For accounts that are part of an organization, this value can only be updated in the administrator account.

Link copied to clipboard
val enableDefaultStandards: Output<Boolean>? = null

Whether to enable the security standards that Security Hub has designated as automatically enabled including: AWS Foundational Security Best Practices v1.0.0 and CIS AWS Foundations Benchmark v1.2.0. Defaults to true.