Class: Aws::SecurityHub::Types::AutomationRulesConfig

Inherits:
Struct
  • Object
Includes:
Aws::Structure
Defined in:
lib/aws-sdk-securityhub/types.rb

Overview

Defines the configuration of an automation rule.

Constant Summary

SENSITIVE =
[]

Instance Attribute Details

#actions ⇒ Array<Types::AutomationRulesAction>

One or more actions to update finding fields if a finding matches the defined criteria of the rule.

Returns:

  • (Array<Types::AutomationRulesAction>)

# File 'lib/aws-sdk-securityhub/types.rb', line 563

class AutomationRulesConfig < Struct.new(
  :rule_arn,
  :rule_status,
  :rule_order,
  :rule_name,
  :description,
  :is_terminal,
  :criteria,
  :actions,
  :created_at,
  :updated_at,
  :created_by)
  SENSITIVE = []
  include Aws::Structure
end

#created_at ⇒ Time

A timestamp that indicates when the rule was created.

This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]`. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

  • `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z`)

  • `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z`)

  • `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59`)

  • `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759`)

  • `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59`)

Returns:

  • (Time)



#created_by ⇒ String

The principal that created a rule.

Returns:

  • (String)



#criteria ⇒ Types::AutomationRulesFindingFilters

A set of [Amazon Web Services Security Finding Format][1] finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the conditions specified in this parameter, Security Hub applies the rule action to the finding.

[1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html




#description ⇒ String

A description of the rule.

Returns:

  • (String)



#is_terminal ⇒ Boolean

Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn’t evaluate other rules for the finding. By default, a rule isn’t terminal.

Returns:

  • (Boolean)



#rule_arn ⇒ String

The Amazon Resource Name (ARN) of a rule.

Returns:

  • (String)



#rule_name ⇒ String

The name of the rule.

Returns:

  • (String)



#rule_order ⇒ Integer

An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.

Returns:

  • (Integer)



#rule_status ⇒ String

Whether the rule is active after it is created. If this parameter is equal to `ENABLED`, Security Hub starts applying the rule to findings and finding updates after the rule is created.

Returns:

  • (String)
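
The interaction of `rule_status`, `rule_order` and `is_terminal` described above can hide a later rule behind an earlier terminal one, which matters when auditing suppression rules. The following is an added example, not code from the SDK: `Rule` is a local stand-in struct, the flat-hash criteria and actions, the equality matcher, matching against the original finding, and all sample data are assumptions made for illustration.

```ruby
# Stand-in for Aws::SecurityHub::Types::AutomationRulesConfig (subset of its
# fields); criteria and actions are simplified to flat hashes for this sketch.
Rule = Struct.new(:rule_name, :rule_status, :rule_order, :is_terminal,
                  :criteria, :actions, keyword_init: true)

# Simplified matcher (assumption): each criteria field must equal the finding's value.
def matches?(rule, finding)
  rule.criteria.all? { |field, expected| finding[field] == expected }
end

# Only ENABLED rules run, lowest rule_order first; a matching terminal rule
# stops evaluation. Criteria are checked against the original finding (assumption).
def evaluate(rules, finding)
  ordered = rules.select { |r| r.rule_status == 'ENABLED' }.sort_by(&:rule_order)
  result = finding.dup
  applied = []
  shadowed = []
  ordered.each_with_index do |rule, i|
    next unless matches?(rule, finding)
    result.merge!(rule.actions)
    applied << rule.rule_name
    next unless rule.is_terminal
    # Later rules that would have matched but are never evaluated.
    shadowed = ordered.drop(i + 1).select { |r| matches?(r, finding) }.map(&:rule_name)
    break
  end
  { finding: result, applied: applied, shadowed: shadowed }
end

# Constructed sample data (not from the page).
SAMPLE_FINDING = { 'AwsAccountId' => '111122223333', 'ProductName' => 'GuardDuty',
                   'SeverityLabel' => 'HIGH', 'WorkflowStatus' => 'NEW' }.freeze
SAMPLE_RULES = [
  Rule.new(rule_name: 'escalate-guardduty', rule_status: 'ENABLED', rule_order: 20,
           is_terminal: false, criteria: { 'ProductName' => 'GuardDuty' },
           actions: { 'SeverityLabel' => 'CRITICAL' }),
  Rule.new(rule_name: 'suppress-sandbox', rule_status: 'ENABLED', rule_order: 10,
           is_terminal: true, criteria: { 'AwsAccountId' => '111122223333' },
           actions: { 'WorkflowStatus' => 'SUPPRESSED' }),
  Rule.new(rule_name: 'legacy-downgrade', rule_status: 'DISABLED', rule_order: 1,
           is_terminal: true, criteria: { 'ProductName' => 'GuardDuty' },
           actions: { 'SeverityLabel' => 'LOW' })
].freeze

OUTCOME = evaluate(SAMPLE_RULES, SAMPLE_FINDING)
puts "applied=#{OUTCOME[:applied]} shadowed=#{OUTCOME[:shadowed]}"
```

In the sample, the terminal suppression rule at order 10 keeps the escalation rule at order 20 from ever running, so the finding stays at `HIGH` and is suppressed.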



#updated_at ⇒ Time

A timestamp that indicates when the rule was most recently updated.

This field accepts only the specified formats. Timestamps can end with `Z` or `("+" / "-") time-hour [":" time-minute]`. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

  • `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z`)

  • `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z`)

  • `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59`)

  • `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759`)

  • `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59`)

Returns:

  • (Time)
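
The timestamp rules stated for `created_at` and `updated_at` (fraction of at most 9 digits, `Z` or a signed offset with optional minutes, offset bounded by +/-18:00) can be checked before a value is stored or compared. This is an added example, not part of the SDK: `valid_rule_timestamp?`, `rejected` and the constant names are hypothetical, the valid samples are the page's own examples, and the invalid samples are constructed.

```ruby
require 'date'

# Built from the grammar quoted above: date, 'T', time, optional fraction of
# 1-9 digits, then 'Z' or a signed offset hour with optional [":"] minutes.
TS_PATTERN = /\A(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})
              (?:\.\d{1,9})?(?:Z|[+-](\d{2})(?::?(\d{2}))?)\z/x

MAX_OFFSET_MINUTES = 18 * 60 # "bounded by +/-18:00"

def valid_rule_timestamp?(text)
  m = TS_PATTERN.match(text.to_s)
  return false unless m
  year, month, day, hour, min, sec = m[1..6].map(&:to_i)
  return false unless Date.valid_date?(year, month, day)
  # Assumption: no leap second (:60); the page does not mention it.
  return false if hour > 23 || min > 59 || sec > 59
  return true if m[7].nil? # 'Z' form, no offset to bound
  return false if m[8].to_i > 59
  m[7].to_i * 60 + m[8].to_i <= MAX_OFFSET_MINUTES
end

# Returns the inputs that fail validation.
def rejected(samples)
  samples.reject { |s| valid_rule_timestamp?(s) }
end

# The five examples listed on the page.
PAGE_EXAMPLES = %w[
  2019-01-31T23:00:00Z
  2019-01-31T23:00:00.123456789Z
  2024-01-04T15:25:10+17:59
  2024-01-04T15:25:10-1759
  2024-01-04T15:25:10.123456789+17:59
].freeze

# Constructed invalid inputs, each breaking one stated rule.
CONSTRUCTED_INVALID = {
  '2019-01-31T23:00:00.1234567890Z' => 'fraction longer than 9 digits',
  '2024-01-04T15:25:10+18:01'       => 'offset beyond +/-18:00',
  '2024-01-04T15:25:10'             => 'no Z or offset suffix',
  '2024-01-04 15:25:10Z'            => 'space instead of T',
  '2024-02-30T00:00:00Z'            => 'calendar date does not exist'
}.freeze

puts rejected(PAGE_EXAMPLES + CONSTRUCTED_INVALID.keys)
```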

