Class: Aws::SecurityHub::Types::AutomationRulesConfig
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::AutomationRulesConfig
- Includes:
- Aws::Structure
- Defined in:
- lib/aws-sdk-securityhub/types.rb
Overview
Defines the configuration of an automation rule.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#actions ⇒ Array<Types::AutomationRulesAction>
One or more actions to update finding fields if a finding matches the defined criteria of the rule.
-
#created_at ⇒ Time
A timestamp that indicates when the rule was created.
-
#created_by ⇒ String
The principal that created a rule.
-
#criteria ⇒ Types::AutomationRulesFindingFilters
A set of [Amazon Web Services Security Finding Format] finding field attributes and corresponding expected values that Security Hub uses to filter findings.
-
#description ⇒ String
A description of the rule.
-
#is_terminal ⇒ Boolean
Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria.
-
#rule_arn ⇒ String
The Amazon Resource Name (ARN) of a rule.
-
#rule_name ⇒ String
The name of the rule.
-
#rule_order ⇒ Integer
An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings.
-
#rule_status ⇒ String
Whether the rule is active after it is created.
-
#updated_at ⇒ Time
A timestamp that indicates when the rule was most recently updated.
Instance Attribute Details
#actions ⇒ Array<Types::AutomationRulesAction>
One or more actions to update finding fields if a finding matches the defined criteria of the rule.
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#created_at ⇒ Time
A timestamp that indicates when the rule was created.
This field accepts only the specified formats. Timestamps can end with ‘Z` or `(“+” / “-”) time-hour [“:” time-minute]`. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
-
‘YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z`)
-
‘YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z`)
-
‘YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59`)
-
‘YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759`)
-
‘YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59`)
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#created_by ⇒ String
The principal that created a rule.
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#criteria ⇒ Types::AutomationRulesFindingFilters
A set of [Amazon Web Services Security Finding Format] finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the conditions specified in this parameter, Security Hub applies the rule action to the finding.
[1]: docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#description ⇒ String
A description of the rule.
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#is_terminal ⇒ Boolean
Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn’t evaluate other rules for the finding. By default, a rule isn’t terminal.
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#rule_arn ⇒ String
The Amazon Resource Name (ARN) of a rule.
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#rule_name ⇒ String
The name of the rule.
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#rule_order ⇒ Integer
An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#rule_status ⇒ String
Whether the rule is active after it is created. If this parameter is equal to ‘ENABLED`, Security Hub starts applying the rule to findings and finding updates after the rule is created.
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |
#updated_at ⇒ Time
A timestamp that indicates when the rule was most recently updated.
This field accepts only the specified formats. Timestamps can end with ‘Z` or `(“+” / “-”) time-hour [“:” time-minute]`. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
-
‘YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z`)
-
‘YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z`)
-
‘YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59`)
-
‘YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759`)
-
‘YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59`)
688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 |
# File 'lib/aws-sdk-securityhub/types.rb', line 688 class AutomationRulesConfig < Struct.new( :rule_arn, :rule_status, :rule_order, :rule_name, :description, :is_terminal, :criteria, :actions, :created_at, :updated_at, :created_by) SENSITIVE = [] include Aws::Structure end |