We recommend new projects start with resources from the AWS provider.
aws-native.securityhub.getSecurityControl
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
A security control in Security Hub describes a security best practice related to a specific resource.
Using getSecurityControl
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecurityControl(args: GetSecurityControlArgs, opts?: InvokeOptions): Promise<GetSecurityControlResult>
function getSecurityControlOutput(args: GetSecurityControlOutputArgs, opts?: InvokeOptions): Output<GetSecurityControlResult>
def get_security_control(security_control_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecurityControlResult
def get_security_control_output(security_control_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecurityControlResult]
func LookupSecurityControl(ctx *Context, args *LookupSecurityControlArgs, opts ...InvokeOption) (*LookupSecurityControlResult, error)
func LookupSecurityControlOutput(ctx *Context, args *LookupSecurityControlOutputArgs, opts ...InvokeOption) LookupSecurityControlResultOutput
> Note: This function is named LookupSecurityControl
in the Go SDK.
public static class GetSecurityControl
{
public static Task<GetSecurityControlResult> InvokeAsync(GetSecurityControlArgs args, InvokeOptions? opts = null)
public static Output<GetSecurityControlResult> Invoke(GetSecurityControlInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetSecurityControlResult> getSecurityControl(GetSecurityControlArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: aws-native:securityhub:getSecurityControl
arguments:
# arguments dictionary
The following arguments are supported:
- Security
Control stringId - The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
- Security
Control stringId - The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
- security
Control StringId - The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
- security
Control stringId - The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
- security_
control_ strid - The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
- security
Control StringId - The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.
getSecurityControl Result
The following output properties are available:
- Last
Update stringReason - The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
- Parameters
Dictionary<string, Pulumi.
Aws Native. Security Hub. Outputs. Security Control Parameter Configuration> - An object that identifies the name of a control parameter, its current value, and whether it has been customized.
- Security
Control stringArn - The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.
- Last
Update stringReason - The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
- Parameters
map[string]Security
Control Parameter Configuration - An object that identifies the name of a control parameter, its current value, and whether it has been customized.
- Security
Control stringArn - The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.
- last
Update StringReason - The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
- parameters
Map<String,Security
Control Parameter Configuration> - An object that identifies the name of a control parameter, its current value, and whether it has been customized.
- security
Control StringArn - The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.
- last
Update stringReason - The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
- parameters
{[key: string]: Security
Control Parameter Configuration} - An object that identifies the name of a control parameter, its current value, and whether it has been customized.
- security
Control stringArn - The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.
- last_
update_ strreason - The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
- parameters
Mapping[str, Security
Control Parameter Configuration] - An object that identifies the name of a control parameter, its current value, and whether it has been customized.
- security_
control_ strarn - The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.
- last
Update StringReason - The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
- parameters Map<Property Map>
- An object that identifies the name of a control parameter, its current value, and whether it has been customized.
- security
Control StringArn - The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.
Supporting Types
SecurityControlParameterConfiguration
- Value
Type Pulumi.Aws Native. Security Hub. Security Control Parameter Configuration Value Type Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
When
ValueType
is set equal toDEFAULT
, the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. WhenValueType
is set equal toDEFAULT
, Security Hub ignores user-provided input for theValue
field.When
ValueType
is set equal toCUSTOM
, theValue
field can't be empty.- Value
Pulumi.
Aws Native. Security Hub. Inputs. Security Control Parameter Value - The current value of a control parameter.
- Value
Type SecurityControl Parameter Configuration Value Type Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
When
ValueType
is set equal toDEFAULT
, the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. WhenValueType
is set equal toDEFAULT
, Security Hub ignores user-provided input for theValue
field.When
ValueType
is set equal toCUSTOM
, theValue
field can't be empty.- Value
Security
Control Parameter Value - The current value of a control parameter.
- value
Type SecurityControl Parameter Configuration Value Type Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
When
ValueType
is set equal toDEFAULT
, the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. WhenValueType
is set equal toDEFAULT
, Security Hub ignores user-provided input for theValue
field.When
ValueType
is set equal toCUSTOM
, theValue
field can't be empty.- value
Security
Control Parameter Value - The current value of a control parameter.
- value
Type SecurityControl Parameter Configuration Value Type Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
When
ValueType
is set equal toDEFAULT
, the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. WhenValueType
is set equal toDEFAULT
, Security Hub ignores user-provided input for theValue
field.When
ValueType
is set equal toCUSTOM
, theValue
field can't be empty.- value
Security
Control Parameter Value - The current value of a control parameter.
- value_
type SecurityControl Parameter Configuration Value Type Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
When
ValueType
is set equal toDEFAULT
, the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. WhenValueType
is set equal toDEFAULT
, Security Hub ignores user-provided input for theValue
field.When
ValueType
is set equal toCUSTOM
, theValue
field can't be empty.- value
Security
Control Parameter Value - The current value of a control parameter.
- value
Type "DEFAULT" | "CUSTOM" Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.
When
ValueType
is set equal toDEFAULT
, the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. WhenValueType
is set equal toDEFAULT
, Security Hub ignores user-provided input for theValue
field.When
ValueType
is set equal toCUSTOM
, theValue
field can't be empty.- value Property Map
- The current value of a control parameter.
SecurityControlParameterConfigurationValueType
SecurityControlParameterValue
- Boolean bool
- A control parameter that is a boolean.
- Double double
- A control parameter that is a double.
- Enum string
- A control parameter that is a enum.
- Enum
List List<string> - A control parameter that is a list of enums.
- Integer int
- A control parameter that is a integer.
- Integer
List List<int> - A control parameter that is a list of integers.
- String string
- A control parameter that is a string.
- String
List List<string> - A control parameter that is a list of strings.
- Boolean bool
- A control parameter that is a boolean.
- Double float64
- A control parameter that is a double.
- Enum string
- A control parameter that is a enum.
- Enum
List []string - A control parameter that is a list of enums.
- Integer int
- A control parameter that is a integer.
- Integer
List []int - A control parameter that is a list of integers.
- String string
- A control parameter that is a string.
- String
List []string - A control parameter that is a list of strings.
- boolean_ Boolean
- A control parameter that is a boolean.
- double_ Double
- A control parameter that is a double.
- enum
List List<String> - A control parameter that is a list of enums.
- enum_ String
- A control parameter that is a enum.
- integer Integer
- A control parameter that is a integer.
- integer
List List<Integer> - A control parameter that is a list of integers.
- string String
- A control parameter that is a string.
- string
List List<String> - A control parameter that is a list of strings.
- boolean boolean
- A control parameter that is a boolean.
- double number
- A control parameter that is a double.
- enum string
- A control parameter that is a enum.
- enum
List string[] - A control parameter that is a list of enums.
- integer number
- A control parameter that is a integer.
- integer
List number[] - A control parameter that is a list of integers.
- string string
- A control parameter that is a string.
- string
List string[] - A control parameter that is a list of strings.
- boolean bool
- A control parameter that is a boolean.
- double float
- A control parameter that is a double.
- enum str
- A control parameter that is a enum.
- enum_
list Sequence[str] - A control parameter that is a list of enums.
- integer int
- A control parameter that is a integer.
- integer_
list Sequence[int] - A control parameter that is a list of integers.
- string str
- A control parameter that is a string.
- string_
list Sequence[str] - A control parameter that is a list of strings.
- boolean Boolean
- A control parameter that is a boolean.
- double Number
- A control parameter that is a double.
- enum String
- A control parameter that is a enum.
- enum
List List<String> - A control parameter that is a list of enums.
- integer Number
- A control parameter that is a integer.
- integer
List List<Number> - A control parameter that is a list of integers.
- string String
- A control parameter that is a string.
- string
List List<String> - A control parameter that is a list of strings.
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.