1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. securityhub
  5. getSecurityControl

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

aws-native.securityhub.getSecurityControl

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi

    A security control in Security Hub describes a security best practice related to a specific resource.

    Using getSecurityControl

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getSecurityControl(args: GetSecurityControlArgs, opts?: InvokeOptions): Promise<GetSecurityControlResult>
    function getSecurityControlOutput(args: GetSecurityControlOutputArgs, opts?: InvokeOptions): Output<GetSecurityControlResult>
    def get_security_control(security_control_id: Optional[str] = None,
                             opts: Optional[InvokeOptions] = None) -> GetSecurityControlResult
    def get_security_control_output(security_control_id: Optional[pulumi.Input[str]] = None,
                             opts: Optional[InvokeOptions] = None) -> Output[GetSecurityControlResult]
    func LookupSecurityControl(ctx *Context, args *LookupSecurityControlArgs, opts ...InvokeOption) (*LookupSecurityControlResult, error)
    func LookupSecurityControlOutput(ctx *Context, args *LookupSecurityControlOutputArgs, opts ...InvokeOption) LookupSecurityControlResultOutput

    > Note: This function is named LookupSecurityControl in the Go SDK.

    public static class GetSecurityControl 
    {
        public static Task<GetSecurityControlResult> InvokeAsync(GetSecurityControlArgs args, InvokeOptions? opts = null)
        public static Output<GetSecurityControlResult> Invoke(GetSecurityControlInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetSecurityControlResult> getSecurityControl(GetSecurityControlArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws-native:securityhub:getSecurityControl
      arguments:
        # arguments dictionary

    The following arguments are supported:

    SecurityControlId string
    The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
    SecurityControlId string
    The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
    securityControlId String
    The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
    securityControlId string
    The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
    security_control_id str
    The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
    securityControlId String
    The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.

    getSecurityControl Result

    The following output properties are available:

    LastUpdateReason string
    The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
    Parameters Dictionary<string, Pulumi.AwsNative.SecurityHub.Outputs.SecurityControlParameterConfiguration>
    An object that identifies the name of a control parameter, its current value, and whether it has been customized.
    SecurityControlArn string
    The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
    LastUpdateReason string
    The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
    Parameters map[string]SecurityControlParameterConfiguration
    An object that identifies the name of a control parameter, its current value, and whether it has been customized.
    SecurityControlArn string
    The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
    lastUpdateReason String
    The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
    parameters Map<String,SecurityControlParameterConfiguration>
    An object that identifies the name of a control parameter, its current value, and whether it has been customized.
    securityControlArn String
    The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
    lastUpdateReason string
    The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
    parameters {[key: string]: SecurityControlParameterConfiguration}
    An object that identifies the name of a control parameter, its current value, and whether it has been customized.
    securityControlArn string
    The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
    last_update_reason str
    The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
    parameters Mapping[str, SecurityControlParameterConfiguration]
    An object that identifies the name of a control parameter, its current value, and whether it has been customized.
    security_control_arn str
    The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.
    lastUpdateReason String
    The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
    parameters Map<Property Map>
    An object that identifies the name of a control parameter, its current value, and whether it has been customized.
    securityControlArn String
    The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.

    Supporting Types

    SecurityControlParameterConfiguration

    ValueType Pulumi.AwsNative.SecurityHub.SecurityControlParameterConfigurationValueType

    Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.

    When ValueType is set equal to DEFAULT , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When ValueType is set equal to DEFAULT , Security Hub ignores user-provided input for the Value field.

    When ValueType is set equal to CUSTOM , the Value field can't be empty.

    Value Pulumi.AwsNative.SecurityHub.Inputs.SecurityControlParameterValue
    The current value of a control parameter.
    ValueType SecurityControlParameterConfigurationValueType

    Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.

    When ValueType is set equal to DEFAULT , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When ValueType is set equal to DEFAULT , Security Hub ignores user-provided input for the Value field.

    When ValueType is set equal to CUSTOM , the Value field can't be empty.

    Value SecurityControlParameterValue
    The current value of a control parameter.
    valueType SecurityControlParameterConfigurationValueType

    Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.

    When ValueType is set equal to DEFAULT , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When ValueType is set equal to DEFAULT , Security Hub ignores user-provided input for the Value field.

    When ValueType is set equal to CUSTOM , the Value field can't be empty.

    value SecurityControlParameterValue
    The current value of a control parameter.
    valueType SecurityControlParameterConfigurationValueType

    Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.

    When ValueType is set equal to DEFAULT , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When ValueType is set equal to DEFAULT , Security Hub ignores user-provided input for the Value field.

    When ValueType is set equal to CUSTOM , the Value field can't be empty.

    value SecurityControlParameterValue
    The current value of a control parameter.
    value_type SecurityControlParameterConfigurationValueType

    Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.

    When ValueType is set equal to DEFAULT , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When ValueType is set equal to DEFAULT , Security Hub ignores user-provided input for the Value field.

    When ValueType is set equal to CUSTOM , the Value field can't be empty.

    value SecurityControlParameterValue
    The current value of a control parameter.
    valueType "DEFAULT" | "CUSTOM"

    Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.

    When ValueType is set equal to DEFAULT , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When ValueType is set equal to DEFAULT , Security Hub ignores user-provided input for the Value field.

    When ValueType is set equal to CUSTOM , the Value field can't be empty.

    value Property Map
    The current value of a control parameter.

    SecurityControlParameterConfigurationValueType

    SecurityControlParameterValue

    Boolean bool
    A control parameter that is a boolean.
    Double double
    A control parameter that is a double.
    Enum string
    A control parameter that is a enum.
    EnumList List<string>
    A control parameter that is a list of enums.
    Integer int
    A control parameter that is a integer.
    IntegerList List<int>
    A control parameter that is a list of integers.
    String string
    A control parameter that is a string.
    StringList List<string>
    A control parameter that is a list of strings.
    Boolean bool
    A control parameter that is a boolean.
    Double float64
    A control parameter that is a double.
    Enum string
    A control parameter that is a enum.
    EnumList []string
    A control parameter that is a list of enums.
    Integer int
    A control parameter that is a integer.
    IntegerList []int
    A control parameter that is a list of integers.
    String string
    A control parameter that is a string.
    StringList []string
    A control parameter that is a list of strings.
    boolean_ Boolean
    A control parameter that is a boolean.
    double_ Double
    A control parameter that is a double.
    enumList List<String>
    A control parameter that is a list of enums.
    enum_ String
    A control parameter that is a enum.
    integer Integer
    A control parameter that is a integer.
    integerList List<Integer>
    A control parameter that is a list of integers.
    string String
    A control parameter that is a string.
    stringList List<String>
    A control parameter that is a list of strings.
    boolean boolean
    A control parameter that is a boolean.
    double number
    A control parameter that is a double.
    enum string
    A control parameter that is a enum.
    enumList string[]
    A control parameter that is a list of enums.
    integer number
    A control parameter that is a integer.
    integerList number[]
    A control parameter that is a list of integers.
    string string
    A control parameter that is a string.
    stringList string[]
    A control parameter that is a list of strings.
    boolean bool
    A control parameter that is a boolean.
    double float
    A control parameter that is a double.
    enum str
    A control parameter that is a enum.
    enum_list Sequence[str]
    A control parameter that is a list of enums.
    integer int
    A control parameter that is a integer.
    integer_list Sequence[int]
    A control parameter that is a list of integers.
    string str
    A control parameter that is a string.
    string_list Sequence[str]
    A control parameter that is a list of strings.
    boolean Boolean
    A control parameter that is a boolean.
    double Number
    A control parameter that is a double.
    enum String
    A control parameter that is a enum.
    enumList List<String>
    A control parameter that is a list of enums.
    integer Number
    A control parameter that is a integer.
    integerList List<Number>
    A control parameter that is a list of integers.
    string String
    A control parameter that is a string.
    stringList List<String>
    A control parameter that is a list of strings.

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    AWS Cloud Control v1.9.0 published on Monday, Nov 18, 2024 by Pulumi