We recommend new projects start with resources from the AWS provider.
aws-native.securityhub.FindingAggregator
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
The AWS::SecurityHub::FindingAggregator
resource enables cross-Region aggregation. When cross-Region aggregation is enabled, you can aggregate findings, finding updates, insights, control compliance statuses, and security scores from one or more linked Regions to a single aggregation Region. You can then view and manage all of this data from the aggregation Region. For more details about cross-Region aggregation, see Cross-Region aggregation in the User Guide
This resource must be created in the Region that you want to designate as your aggregation Region.
Cross-Region aggregation is also a prerequisite for using central configuration in ASH.
Create FindingAggregator Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new FindingAggregator(name: string, args: FindingAggregatorArgs, opts?: CustomResourceOptions);
@overload
def FindingAggregator(resource_name: str,
args: FindingAggregatorArgs,
opts: Optional[ResourceOptions] = None)
@overload
def FindingAggregator(resource_name: str,
opts: Optional[ResourceOptions] = None,
region_linking_mode: Optional[FindingAggregatorRegionLinkingMode] = None,
regions: Optional[Sequence[str]] = None)
func NewFindingAggregator(ctx *Context, name string, args FindingAggregatorArgs, opts ...ResourceOption) (*FindingAggregator, error)
public FindingAggregator(string name, FindingAggregatorArgs args, CustomResourceOptions? opts = null)
public FindingAggregator(String name, FindingAggregatorArgs args)
public FindingAggregator(String name, FindingAggregatorArgs args, CustomResourceOptions options)
type: aws-native:securityhub:FindingAggregator
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FindingAggregatorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FindingAggregatorArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FindingAggregatorArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FindingAggregatorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FindingAggregatorArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
FindingAggregator Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The FindingAggregator resource accepts the following input properties:
- Region
Linking Pulumi.Mode Aws Native. Security Hub. Finding Aggregator Region Linking Mode - Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.
The selected option also determines how to use the Regions provided in the Regions list.
The options are as follows:
ALL_REGIONS
- Aggregates findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.ALL_REGIONS_EXCEPT_SPECIFIED
- Aggregates findings from all of the Regions where Security Hub is enabled, except for the Regions listed in theRegions
parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.SPECIFIED_REGIONS
- Aggregates findings only from the Regions listed in theRegions
parameter. Security Hub does not automatically aggregate findings from new Regions.NO_REGIONS
- Aggregates no data because no Regions are selected as linked Regions.
- Regions List<string>
- If
RegionLinkingMode
isALL_REGIONS_EXCEPT_SPECIFIED
, then this is a space-separated list of Regions that don't replicate and send findings to the home Region. IfRegionLinkingMode
isSPECIFIED_REGIONS
, then this is a space-separated list of Regions that do replicate and send findings to the home Region. AnInvalidInputException
error results if you populate this field whileRegionLinkingMode
isNO_REGIONS
.
- Region
Linking FindingMode Aggregator Region Linking Mode - Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.
The selected option also determines how to use the Regions provided in the Regions list.
The options are as follows:
ALL_REGIONS
- Aggregates findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.ALL_REGIONS_EXCEPT_SPECIFIED
- Aggregates findings from all of the Regions where Security Hub is enabled, except for the Regions listed in theRegions
parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.SPECIFIED_REGIONS
- Aggregates findings only from the Regions listed in theRegions
parameter. Security Hub does not automatically aggregate findings from new Regions.NO_REGIONS
- Aggregates no data because no Regions are selected as linked Regions.
- Regions []string
- If
RegionLinkingMode
isALL_REGIONS_EXCEPT_SPECIFIED
, then this is a space-separated list of Regions that don't replicate and send findings to the home Region. IfRegionLinkingMode
isSPECIFIED_REGIONS
, then this is a space-separated list of Regions that do replicate and send findings to the home Region. AnInvalidInputException
error results if you populate this field whileRegionLinkingMode
isNO_REGIONS
.
- region
Linking FindingMode Aggregator Region Linking Mode - Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.
The selected option also determines how to use the Regions provided in the Regions list.
The options are as follows:
ALL_REGIONS
- Aggregates findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.ALL_REGIONS_EXCEPT_SPECIFIED
- Aggregates findings from all of the Regions where Security Hub is enabled, except for the Regions listed in theRegions
parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.SPECIFIED_REGIONS
- Aggregates findings only from the Regions listed in theRegions
parameter. Security Hub does not automatically aggregate findings from new Regions.NO_REGIONS
- Aggregates no data because no Regions are selected as linked Regions.
- regions List<String>
- If
RegionLinkingMode
isALL_REGIONS_EXCEPT_SPECIFIED
, then this is a space-separated list of Regions that don't replicate and send findings to the home Region. IfRegionLinkingMode
isSPECIFIED_REGIONS
, then this is a space-separated list of Regions that do replicate and send findings to the home Region. AnInvalidInputException
error results if you populate this field whileRegionLinkingMode
isNO_REGIONS
.
- region
Linking FindingMode Aggregator Region Linking Mode - Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.
The selected option also determines how to use the Regions provided in the Regions list.
The options are as follows:
ALL_REGIONS
- Aggregates findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.ALL_REGIONS_EXCEPT_SPECIFIED
- Aggregates findings from all of the Regions where Security Hub is enabled, except for the Regions listed in theRegions
parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.SPECIFIED_REGIONS
- Aggregates findings only from the Regions listed in theRegions
parameter. Security Hub does not automatically aggregate findings from new Regions.NO_REGIONS
- Aggregates no data because no Regions are selected as linked Regions.
- regions string[]
- If
RegionLinkingMode
isALL_REGIONS_EXCEPT_SPECIFIED
, then this is a space-separated list of Regions that don't replicate and send findings to the home Region. IfRegionLinkingMode
isSPECIFIED_REGIONS
, then this is a space-separated list of Regions that do replicate and send findings to the home Region. AnInvalidInputException
error results if you populate this field whileRegionLinkingMode
isNO_REGIONS
.
- region_
linking_ Findingmode Aggregator Region Linking Mode - Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.
The selected option also determines how to use the Regions provided in the Regions list.
The options are as follows:
ALL_REGIONS
- Aggregates findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.ALL_REGIONS_EXCEPT_SPECIFIED
- Aggregates findings from all of the Regions where Security Hub is enabled, except for the Regions listed in theRegions
parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.SPECIFIED_REGIONS
- Aggregates findings only from the Regions listed in theRegions
parameter. Security Hub does not automatically aggregate findings from new Regions.NO_REGIONS
- Aggregates no data because no Regions are selected as linked Regions.
- regions Sequence[str]
- If
RegionLinkingMode
isALL_REGIONS_EXCEPT_SPECIFIED
, then this is a space-separated list of Regions that don't replicate and send findings to the home Region. IfRegionLinkingMode
isSPECIFIED_REGIONS
, then this is a space-separated list of Regions that do replicate and send findings to the home Region. AnInvalidInputException
error results if you populate this field whileRegionLinkingMode
isNO_REGIONS
.
- region
Linking "ALL_REGIONS" | "ALL_REGIONS_EXCEPT_SPECIFIED" | "SPECIFIED_REGIONS"Mode - Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.
The selected option also determines how to use the Regions provided in the Regions list.
The options are as follows:
ALL_REGIONS
- Aggregates findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.ALL_REGIONS_EXCEPT_SPECIFIED
- Aggregates findings from all of the Regions where Security Hub is enabled, except for the Regions listed in theRegions
parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them.SPECIFIED_REGIONS
- Aggregates findings only from the Regions listed in theRegions
parameter. Security Hub does not automatically aggregate findings from new Regions.NO_REGIONS
- Aggregates no data because no Regions are selected as linked Regions.
- regions List<String>
- If
RegionLinkingMode
isALL_REGIONS_EXCEPT_SPECIFIED
, then this is a space-separated list of Regions that don't replicate and send findings to the home Region. IfRegionLinkingMode
isSPECIFIED_REGIONS
, then this is a space-separated list of Regions that do replicate and send findings to the home Region. AnInvalidInputException
error results if you populate this field whileRegionLinkingMode
isNO_REGIONS
.
Outputs
All input properties are implicitly available as output properties. Additionally, the FindingAggregator resource produces the following output properties:
- Finding
Aggregation stringRegion - The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
- Finding
Aggregator stringArn - The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and delete the finding aggregator.
- Id string
- The provider-assigned unique ID for this managed resource.
- Finding
Aggregation stringRegion - The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
- Finding
Aggregator stringArn - The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and delete the finding aggregator.
- Id string
- The provider-assigned unique ID for this managed resource.
- finding
Aggregation StringRegion - The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
- finding
Aggregator StringArn - The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and delete the finding aggregator.
- id String
- The provider-assigned unique ID for this managed resource.
- finding
Aggregation stringRegion - The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
- finding
Aggregator stringArn - The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and delete the finding aggregator.
- id string
- The provider-assigned unique ID for this managed resource.
- finding_
aggregation_ strregion - The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
- finding_
aggregator_ strarn - The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and delete the finding aggregator.
- id str
- The provider-assigned unique ID for this managed resource.
- finding
Aggregation StringRegion - The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
- finding
Aggregator StringArn - The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and delete the finding aggregator.
- id String
- The provider-assigned unique ID for this managed resource.
Supporting Types
FindingAggregatorRegionLinkingMode, FindingAggregatorRegionLinkingModeArgs
- All
Regions - ALL_REGIONS
- All
Regions Except Specified - ALL_REGIONS_EXCEPT_SPECIFIED
- Specified
Regions - SPECIFIED_REGIONS
- Finding
Aggregator Region Linking Mode All Regions - ALL_REGIONS
- Finding
Aggregator Region Linking Mode All Regions Except Specified - ALL_REGIONS_EXCEPT_SPECIFIED
- Finding
Aggregator Region Linking Mode Specified Regions - SPECIFIED_REGIONS
- All
Regions - ALL_REGIONS
- All
Regions Except Specified - ALL_REGIONS_EXCEPT_SPECIFIED
- Specified
Regions - SPECIFIED_REGIONS
- All
Regions - ALL_REGIONS
- All
Regions Except Specified - ALL_REGIONS_EXCEPT_SPECIFIED
- Specified
Regions - SPECIFIED_REGIONS
- ALL_REGIONS
- ALL_REGIONS
- ALL_REGIONS_EXCEPT_SPECIFIED
- ALL_REGIONS_EXCEPT_SPECIFIED
- SPECIFIED_REGIONS
- SPECIFIED_REGIONS
- "ALL_REGIONS"
- ALL_REGIONS
- "ALL_REGIONS_EXCEPT_SPECIFIED"
- ALL_REGIONS_EXCEPT_SPECIFIED
- "SPECIFIED_REGIONS"
- SPECIFIED_REGIONS
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.