Class: Aws::SecurityHub::Types::SecurityControl

Inherits:

Struct

• Object
• Struct
• Aws::SecurityHub::Types::SecurityControl

Includes:

Aws::Structure

Defined in:

lib/aws-sdk-securityhub/types.rb

Overview

A security control in Security Hub describes a security best practice related to a specific resource.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #description ⇒ String

  The description of a security control across standards.

• #last_update_reason ⇒ String

  The most recent reason for updating the customizable properties of a security control.

• #parameters ⇒ Hash<String,Types::ParameterConfiguration>

  An object that identifies the name of a control parameter, its current value, and whether it has been customized.

• #remediation_url ⇒ String

  A link to Security Hub documentation that explains how to remediate a failed finding for a security control.

• #security_control_arn ⇒ String

  The Amazon Resource Name (ARN) for a security control across standards, such as ‘arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1`.

• #security_control_id ⇒ String

  The unique identifier of a security control across standards.

• #security_control_status ⇒ String

  The enablement status of a security control in a specific standard.

• #severity_rating ⇒ String

  The severity of a security control.

• #title ⇒ String

  The title of a security control.

• #update_status ⇒ String

  Identifies whether customizable properties of a security control are reflected in Security Hub findings.

Instance Attribute Details

#description ⇒ String

The description of a security control across standards. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter doesn’t reference a specific standard.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#last_update_reason ⇒ String

The most recent reason for updating the customizable properties of a security control. This differs from the ‘UpdateReason` field of the

‘BatchUpdateStandardsControlAssociations` ][1

API, which tracks

the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.

[1]: docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#parameters ⇒ Hash<String,Types::ParameterConfiguration>

An object that identifies the name of a control parameter, its current value, and whether it has been customized.

Returns:

• (Hash<String,Types::ParameterConfiguration>)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#remediation_url ⇒ String

A link to Security Hub documentation that explains how to remediate a failed finding for a security control.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#security_control_arn ⇒ String

The Amazon Resource Name (ARN) for a security control across standards, such as ‘arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1`. This parameter doesn’t mention a specific standard.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#security_control_id ⇒ String

The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Services service name and a number, such as APIGateway.3.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#security_control_status ⇒ String

The enablement status of a security control in a specific standard.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#severity_rating ⇒ String

The severity of a security control. For more information about how Security Hub determines control severity, see [Assigning severity to control findings] in the *Security Hub User Guide*.

[1]: docs.aws.amazon.com/securityhub/latest/userguide/controls-findings-create-update.html#control-findings-severity

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#title ⇒ String

The title of a security control.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#update_status ⇒ String

Identifies whether customizable properties of a security control are reflected in Security Hub findings. A status of ‘READY` indicates that Security Hub uses the current control parameter values when running security checks of the control. A status of `UPDATING` indicates that all security checks might not use the current parameter values.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 29354

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end