1. Docs
  2. Reference
  3. API
  4. @pulumi/aws
  5. securityhub

Module securityhub

This page documents the language specification for the aws package. If you're looking for help working with the inputs, outputs, or functions of aws resources in a Pulumi program, please see the resource documentation for examples and API reference.

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

Resources

Others

Resources

Resource Account

class Account extends CustomResource

Enables Security Hub for this AWS account.

NOTE: Destroying this resource will disable Security Hub for this AWS account.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.securityhub.Account("example", {});

constructor

new Account(name: string, args?: AccountArgs, opts?: pulumi.CustomResourceOptions)

Create a Account resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AccountState, opts?: pulumi.CustomResourceOptions): Account

Get an existing Account resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Account

Returns true if the given object is an instance of Account. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Member

class Member extends CustomResource

Provides a Security Hub member resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleAccount = new aws.securityhub.Account("example", {});
const exampleMember = new aws.securityhub.Member("example", {
    accountId: "123456789012",
    email: "example@example.com",
    invite: true,
}, { dependsOn: [exampleAccount] });

constructor

new Member(name: string, args: MemberArgs, opts?: pulumi.CustomResourceOptions)

Create a Member resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: MemberState, opts?: pulumi.CustomResourceOptions): Member

Get an existing Member resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Member

Returns true if the given object is an instance of Member. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accountId

public accountId: pulumi.Output<string>;

The ID of the member AWS account.

property email

public email: pulumi.Output<string>;

The email of the member AWS account.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property invite

public invite: pulumi.Output<boolean | undefined>;

Boolean whether to invite the account to Security Hub as a member. Defaults to false.

property masterId

public masterId: pulumi.Output<string>;

The ID of the master Security Hub AWS account.

property memberStatus

public memberStatus: pulumi.Output<string>;

The status of the relationship between the member account and its master account.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ProductSubscription

class ProductSubscription extends CustomResource

Subscribes to a Security Hub product.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleAccount = new aws.securityhub.Account("example", {});
const current = pulumi.output(aws.getRegion({ async: true }));
const exampleProductSubscription = new aws.securityhub.ProductSubscription("example", {
    productArn: pulumi.interpolate`arn:aws:securityhub:${current.name!}:733251395267:product/alertlogic/althreatmanagement`,
}, { dependsOn: [exampleAccount] });

constructor

new ProductSubscription(name: string, args: ProductSubscriptionArgs, opts?: pulumi.CustomResourceOptions)

Create a ProductSubscription resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProductSubscriptionState, opts?: pulumi.CustomResourceOptions): ProductSubscription

Get an existing ProductSubscription resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is ProductSubscription

Returns true if the given object is an instance of ProductSubscription. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn

public arn: pulumi.Output<string>;

The ARN of a resource that represents your subscription to the product that generates the findings that you want to import into Security Hub.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property productArn

public productArn: pulumi.Output<string>;

The ARN of the product that generates findings that you want to import into Security Hub - see below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource StandardsSubscription

class StandardsSubscription extends CustomResource

Subscribes to a Security Hub standard.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.securityhub.Account("example", {});
const cis = new aws.securityhub.StandardsSubscription("cis", {
    standardsArn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0",
}, { dependsOn: [example] });
const pci321 = new aws.securityhub.StandardsSubscription("pci_321", {
    standardsArn: "arn:aws:securityhub:us-east-1::standards/pci-dss/v/3.2.1",
}, { dependsOn: [example] });

constructor

new StandardsSubscription(name: string, args: StandardsSubscriptionArgs, opts?: pulumi.CustomResourceOptions)

Create a StandardsSubscription resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: StandardsSubscriptionState, opts?: pulumi.CustomResourceOptions): StandardsSubscription

Get an existing StandardsSubscription resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is StandardsSubscription

Returns true if the given object is an instance of StandardsSubscription. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property standardsArn

public standardsArn: pulumi.Output<string>;

The ARN of a standard - see below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Others

interface AccountArgs

interface AccountArgs

The set of arguments for constructing a Account resource.

interface AccountState

interface AccountState

Input properties used for looking up and filtering Account resources.

interface MemberArgs

interface MemberArgs

The set of arguments for constructing a Member resource.

property accountId

accountId: pulumi.Input<string>;

The ID of the member AWS account.

property email

email: pulumi.Input<string>;

The email of the member AWS account.

property invite

invite?: pulumi.Input<boolean>;

Boolean whether to invite the account to Security Hub as a member. Defaults to false.

interface MemberState

interface MemberState

Input properties used for looking up and filtering Member resources.

property accountId

accountId?: pulumi.Input<string>;

The ID of the member AWS account.

property email

email?: pulumi.Input<string>;

The email of the member AWS account.

property invite

invite?: pulumi.Input<boolean>;

Boolean whether to invite the account to Security Hub as a member. Defaults to false.

property masterId

masterId?: pulumi.Input<string>;

The ID of the master Security Hub AWS account.

property memberStatus

memberStatus?: pulumi.Input<string>;

The status of the relationship between the member account and its master account.

interface ProductSubscriptionArgs

interface ProductSubscriptionArgs

The set of arguments for constructing a ProductSubscription resource.

property productArn

productArn: pulumi.Input<string>;

The ARN of the product that generates findings that you want to import into Security Hub - see below.

interface ProductSubscriptionState

interface ProductSubscriptionState

Input properties used for looking up and filtering ProductSubscription resources.

property arn

arn?: pulumi.Input<string>;

The ARN of a resource that represents your subscription to the product that generates the findings that you want to import into Security Hub.

property productArn

productArn?: pulumi.Input<string>;

The ARN of the product that generates findings that you want to import into Security Hub - see below.

interface StandardsSubscriptionArgs

interface StandardsSubscriptionArgs

The set of arguments for constructing a StandardsSubscription resource.

property standardsArn

standardsArn: pulumi.Input<string>;

The ARN of a standard - see below.

interface StandardsSubscriptionState

interface StandardsSubscriptionState

Input properties used for looking up and filtering StandardsSubscription resources.

property standardsArn

standardsArn?: pulumi.Input<string>;

The ARN of a standard - see below.