1. Packages
  2. AWS
  3. API Docs
  4. securityhub
  5. AutomationRule
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

aws.securityhub.AutomationRule

Explore with Pulumi AI

aws logo
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Resource for managing an AWS Security Hub Automation Rule.

    Example Usage

    Basic Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.securityhub.AutomationRule("example", {
        description: "Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk",
        ruleName: "Elevate severity of findings that relate to important resources",
        ruleOrder: 1,
        actions: [{
            findingFieldsUpdate: {
                severity: {
                    label: "CRITICAL",
                    product: 0,
                },
                note: {
                    text: "This is a critical resource. Please review ASAP.",
                    updatedBy: "sechub-automation",
                },
                types: ["Software and Configuration Checks/Industry and Regulatory Standards"],
                userDefinedFields: {
                    key: "value",
                },
            },
            type: "FINDING_FIELDS_UPDATE",
        }],
        criteria: {
            resourceIds: [{
                comparison: "EQUALS",
                value: "arn:aws:s3:::examplebucket/*",
            }],
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.securityhub.AutomationRule("example",
        description="Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk",
        rule_name="Elevate severity of findings that relate to important resources",
        rule_order=1,
        actions=[{
            "finding_fields_update": {
                "severity": {
                    "label": "CRITICAL",
                    "product": 0,
                },
                "note": {
                    "text": "This is a critical resource. Please review ASAP.",
                    "updated_by": "sechub-automation",
                },
                "types": ["Software and Configuration Checks/Industry and Regulatory Standards"],
                "user_defined_fields": {
                    "key": "value",
                },
            },
            "type": "FINDING_FIELDS_UPDATE",
        }],
        criteria={
            "resource_ids": [{
                "comparison": "EQUALS",
                "value": "arn:aws:s3:::examplebucket/*",
            }],
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/securityhub"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securityhub.NewAutomationRule(ctx, "example", &securityhub.AutomationRuleArgs{
    			Description: pulumi.String("Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk"),
    			RuleName:    pulumi.String("Elevate severity of findings that relate to important resources"),
    			RuleOrder:   pulumi.Int(1),
    			Actions: securityhub.AutomationRuleActionArray{
    				&securityhub.AutomationRuleActionArgs{
    					FindingFieldsUpdate: &securityhub.AutomationRuleActionFindingFieldsUpdateArgs{
    						Severity: &securityhub.AutomationRuleActionFindingFieldsUpdateSeverityArgs{
    							Label:   pulumi.String("CRITICAL"),
    							Product: pulumi.Float64(0),
    						},
    						Note: &securityhub.AutomationRuleActionFindingFieldsUpdateNoteArgs{
    							Text:      pulumi.String("This is a critical resource. Please review ASAP."),
    							UpdatedBy: pulumi.String("sechub-automation"),
    						},
    						Types: pulumi.StringArray{
    							pulumi.String("Software and Configuration Checks/Industry and Regulatory Standards"),
    						},
    						UserDefinedFields: pulumi.StringMap{
    							"key": pulumi.String("value"),
    						},
    					},
    					Type: pulumi.String("FINDING_FIELDS_UPDATE"),
    				},
    			},
    			Criteria: &securityhub.AutomationRuleCriteriaArgs{
    				ResourceIds: securityhub.AutomationRuleCriteriaResourceIdArray{
    					&securityhub.AutomationRuleCriteriaResourceIdArgs{
    						Comparison: pulumi.String("EQUALS"),
    						Value:      pulumi.String("arn:aws:s3:::examplebucket/*"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.SecurityHub.AutomationRule("example", new()
        {
            Description = "Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk",
            RuleName = "Elevate severity of findings that relate to important resources",
            RuleOrder = 1,
            Actions = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleActionArgs
                {
                    FindingFieldsUpdate = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateArgs
                    {
                        Severity = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateSeverityArgs
                        {
                            Label = "CRITICAL",
                            Product = 0,
                        },
                        Note = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateNoteArgs
                        {
                            Text = "This is a critical resource. Please review ASAP.",
                            UpdatedBy = "sechub-automation",
                        },
                        Types = new[]
                        {
                            "Software and Configuration Checks/Industry and Regulatory Standards",
                        },
                        UserDefinedFields = 
                        {
                            { "key", "value" },
                        },
                    },
                    Type = "FINDING_FIELDS_UPDATE",
                },
            },
            Criteria = new Aws.SecurityHub.Inputs.AutomationRuleCriteriaArgs
            {
                ResourceIds = new[]
                {
                    new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceIdArgs
                    {
                        Comparison = "EQUALS",
                        Value = "arn:aws:s3:::examplebucket/*",
                    },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.securityhub.AutomationRule;
    import com.pulumi.aws.securityhub.AutomationRuleArgs;
    import com.pulumi.aws.securityhub.inputs.AutomationRuleActionArgs;
    import com.pulumi.aws.securityhub.inputs.AutomationRuleActionFindingFieldsUpdateArgs;
    import com.pulumi.aws.securityhub.inputs.AutomationRuleActionFindingFieldsUpdateSeverityArgs;
    import com.pulumi.aws.securityhub.inputs.AutomationRuleActionFindingFieldsUpdateNoteArgs;
    import com.pulumi.aws.securityhub.inputs.AutomationRuleCriteriaArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new AutomationRule("example", AutomationRuleArgs.builder()
                .description("Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk")
                .ruleName("Elevate severity of findings that relate to important resources")
                .ruleOrder(1)
                .actions(AutomationRuleActionArgs.builder()
                    .findingFieldsUpdate(AutomationRuleActionFindingFieldsUpdateArgs.builder()
                        .severity(AutomationRuleActionFindingFieldsUpdateSeverityArgs.builder()
                            .label("CRITICAL")
                            .product("0.0")
                            .build())
                        .note(AutomationRuleActionFindingFieldsUpdateNoteArgs.builder()
                            .text("This is a critical resource. Please review ASAP.")
                            .updatedBy("sechub-automation")
                            .build())
                        .types("Software and Configuration Checks/Industry and Regulatory Standards")
                        .userDefinedFields(Map.of("key", "value"))
                        .build())
                    .type("FINDING_FIELDS_UPDATE")
                    .build())
                .criteria(AutomationRuleCriteriaArgs.builder()
                    .resourceIds(AutomationRuleCriteriaResourceIdArgs.builder()
                        .comparison("EQUALS")
                        .value("arn:aws:s3:::examplebucket/*")
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:securityhub:AutomationRule
        properties:
          description: Elevate finding severity to CRITICAL when specific resources such as an S3 bucket is at risk
          ruleName: Elevate severity of findings that relate to important resources
          ruleOrder: 1
          actions:
            - findingFieldsUpdate:
                severity:
                  label: CRITICAL
                  product: '0.0'
                note:
                  text: This is a critical resource. Please review ASAP.
                  updatedBy: sechub-automation
                types:
                  - Software and Configuration Checks/Industry and Regulatory Standards
                userDefinedFields:
                  key: value
              type: FINDING_FIELDS_UPDATE
          criteria:
            resourceIds:
              - comparison: EQUALS
                value: arn:aws:s3:::examplebucket/*
    

    Create AutomationRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new AutomationRule(name: string, args: AutomationRuleArgs, opts?: CustomResourceOptions);
    @overload
    def AutomationRule(resource_name: str,
                       args: AutomationRuleArgs,
                       opts: Optional[ResourceOptions] = None)
    
    @overload
    def AutomationRule(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       description: Optional[str] = None,
                       rule_name: Optional[str] = None,
                       rule_order: Optional[int] = None,
                       actions: Optional[Sequence[AutomationRuleActionArgs]] = None,
                       criteria: Optional[AutomationRuleCriteriaArgs] = None,
                       is_terminal: Optional[bool] = None,
                       rule_status: Optional[str] = None,
                       tags: Optional[Mapping[str, str]] = None)
    func NewAutomationRule(ctx *Context, name string, args AutomationRuleArgs, opts ...ResourceOption) (*AutomationRule, error)
    public AutomationRule(string name, AutomationRuleArgs args, CustomResourceOptions? opts = null)
    public AutomationRule(String name, AutomationRuleArgs args)
    public AutomationRule(String name, AutomationRuleArgs args, CustomResourceOptions options)
    
    type: aws:securityhub:AutomationRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args AutomationRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var automationRuleResource = new Aws.SecurityHub.AutomationRule("automationRuleResource", new()
    {
        Description = "string",
        RuleName = "string",
        RuleOrder = 0,
        Actions = new[]
        {
            new Aws.SecurityHub.Inputs.AutomationRuleActionArgs
            {
                FindingFieldsUpdate = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateArgs
                {
                    Confidence = 0,
                    Criticality = 0,
                    Note = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateNoteArgs
                    {
                        Text = "string",
                        UpdatedBy = "string",
                    },
                    RelatedFindings = new[]
                    {
                        new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateRelatedFindingArgs
                        {
                            Id = "string",
                            ProductArn = "string",
                        },
                    },
                    Severity = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateSeverityArgs
                    {
                        Label = "string",
                        Product = 0,
                    },
                    Types = new[]
                    {
                        "string",
                    },
                    UserDefinedFields = 
                    {
                        { "string", "string" },
                    },
                    VerificationState = "string",
                    Workflow = new Aws.SecurityHub.Inputs.AutomationRuleActionFindingFieldsUpdateWorkflowArgs
                    {
                        Status = "string",
                    },
                },
                Type = "string",
            },
        },
        Criteria = new Aws.SecurityHub.Inputs.AutomationRuleCriteriaArgs
        {
            AwsAccountIds = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaAwsAccountIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            AwsAccountNames = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaAwsAccountNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            CompanyNames = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaCompanyNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ComplianceAssociatedStandardsIds = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaComplianceAssociatedStandardsIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ComplianceSecurityControlIds = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaComplianceSecurityControlIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ComplianceStatuses = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaComplianceStatusArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Confidences = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaConfidenceArgs
                {
                    Eq = 0,
                    Gt = 0,
                    Gte = 0,
                    Lt = 0,
                    Lte = 0,
                },
            },
            CreatedAts = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaCreatedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.AutomationRuleCriteriaCreatedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            Criticalities = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaCriticalityArgs
                {
                    Eq = 0,
                    Gt = 0,
                    Gte = 0,
                    Lt = 0,
                    Lte = 0,
                },
            },
            Descriptions = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaDescriptionArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            FirstObservedAts = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaFirstObservedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.AutomationRuleCriteriaFirstObservedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            GeneratorIds = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaGeneratorIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Ids = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            LastObservedAts = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaLastObservedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.AutomationRuleCriteriaLastObservedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            NoteTexts = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaNoteTextArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            NoteUpdatedAts = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaNoteUpdatedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.AutomationRuleCriteriaNoteUpdatedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            NoteUpdatedBies = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaNoteUpdatedByArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ProductArns = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaProductArnArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ProductNames = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaProductNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            RecordStates = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaRecordStateArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            RelatedFindingsIds = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaRelatedFindingsIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            RelatedFindingsProductArns = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaRelatedFindingsProductArnArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceApplicationArns = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceApplicationArnArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceApplicationNames = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceApplicationNameArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceDetailsOthers = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceDetailsOtherArgs
                {
                    Comparison = "string",
                    Key = "string",
                    Value = "string",
                },
            },
            ResourceIds = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceIdArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourcePartitions = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourcePartitionArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceRegions = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceRegionArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            ResourceTags = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceTagArgs
                {
                    Comparison = "string",
                    Key = "string",
                    Value = "string",
                },
            },
            ResourceTypes = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaResourceTypeArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            SeverityLabels = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaSeverityLabelArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            SourceUrls = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaSourceUrlArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Titles = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaTitleArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            Types = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaTypeArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            UpdatedAts = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaUpdatedAtArgs
                {
                    DateRange = new Aws.SecurityHub.Inputs.AutomationRuleCriteriaUpdatedAtDateRangeArgs
                    {
                        Unit = "string",
                        Value = 0,
                    },
                    End = "string",
                    Start = "string",
                },
            },
            UserDefinedFields = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaUserDefinedFieldArgs
                {
                    Comparison = "string",
                    Key = "string",
                    Value = "string",
                },
            },
            VerificationStates = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaVerificationStateArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
            WorkflowStatuses = new[]
            {
                new Aws.SecurityHub.Inputs.AutomationRuleCriteriaWorkflowStatusArgs
                {
                    Comparison = "string",
                    Value = "string",
                },
            },
        },
        IsTerminal = false,
        RuleStatus = "string",
        Tags = 
        {
            { "string", "string" },
        },
    });
    
    example, err := securityhub.NewAutomationRule(ctx, "automationRuleResource", &securityhub.AutomationRuleArgs{
    	Description: pulumi.String("string"),
    	RuleName:    pulumi.String("string"),
    	RuleOrder:   pulumi.Int(0),
    	Actions: securityhub.AutomationRuleActionArray{
    		&securityhub.AutomationRuleActionArgs{
    			FindingFieldsUpdate: &securityhub.AutomationRuleActionFindingFieldsUpdateArgs{
    				Confidence:  pulumi.Int(0),
    				Criticality: pulumi.Int(0),
    				Note: &securityhub.AutomationRuleActionFindingFieldsUpdateNoteArgs{
    					Text:      pulumi.String("string"),
    					UpdatedBy: pulumi.String("string"),
    				},
    				RelatedFindings: securityhub.AutomationRuleActionFindingFieldsUpdateRelatedFindingArray{
    					&securityhub.AutomationRuleActionFindingFieldsUpdateRelatedFindingArgs{
    						Id:         pulumi.String("string"),
    						ProductArn: pulumi.String("string"),
    					},
    				},
    				Severity: &securityhub.AutomationRuleActionFindingFieldsUpdateSeverityArgs{
    					Label:   pulumi.String("string"),
    					Product: pulumi.Float64(0),
    				},
    				Types: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				UserDefinedFields: pulumi.StringMap{
    					"string": pulumi.String("string"),
    				},
    				VerificationState: pulumi.String("string"),
    				Workflow: &securityhub.AutomationRuleActionFindingFieldsUpdateWorkflowArgs{
    					Status: pulumi.String("string"),
    				},
    			},
    			Type: pulumi.String("string"),
    		},
    	},
    	Criteria: &securityhub.AutomationRuleCriteriaArgs{
    		AwsAccountIds: securityhub.AutomationRuleCriteriaAwsAccountIdArray{
    			&securityhub.AutomationRuleCriteriaAwsAccountIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		AwsAccountNames: securityhub.AutomationRuleCriteriaAwsAccountNameArray{
    			&securityhub.AutomationRuleCriteriaAwsAccountNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		CompanyNames: securityhub.AutomationRuleCriteriaCompanyNameArray{
    			&securityhub.AutomationRuleCriteriaCompanyNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ComplianceAssociatedStandardsIds: securityhub.AutomationRuleCriteriaComplianceAssociatedStandardsIdArray{
    			&securityhub.AutomationRuleCriteriaComplianceAssociatedStandardsIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ComplianceSecurityControlIds: securityhub.AutomationRuleCriteriaComplianceSecurityControlIdArray{
    			&securityhub.AutomationRuleCriteriaComplianceSecurityControlIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ComplianceStatuses: securityhub.AutomationRuleCriteriaComplianceStatusArray{
    			&securityhub.AutomationRuleCriteriaComplianceStatusArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Confidences: securityhub.AutomationRuleCriteriaConfidenceArray{
    			&securityhub.AutomationRuleCriteriaConfidenceArgs{
    				Eq:  pulumi.Float64(0),
    				Gt:  pulumi.Float64(0),
    				Gte: pulumi.Float64(0),
    				Lt:  pulumi.Float64(0),
    				Lte: pulumi.Float64(0),
    			},
    		},
    		CreatedAts: securityhub.AutomationRuleCriteriaCreatedAtArray{
    			&securityhub.AutomationRuleCriteriaCreatedAtArgs{
    				DateRange: &securityhub.AutomationRuleCriteriaCreatedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		Criticalities: securityhub.AutomationRuleCriteriaCriticalityArray{
    			&securityhub.AutomationRuleCriteriaCriticalityArgs{
    				Eq:  pulumi.Float64(0),
    				Gt:  pulumi.Float64(0),
    				Gte: pulumi.Float64(0),
    				Lt:  pulumi.Float64(0),
    				Lte: pulumi.Float64(0),
    			},
    		},
    		Descriptions: securityhub.AutomationRuleCriteriaDescriptionArray{
    			&securityhub.AutomationRuleCriteriaDescriptionArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		FirstObservedAts: securityhub.AutomationRuleCriteriaFirstObservedAtArray{
    			&securityhub.AutomationRuleCriteriaFirstObservedAtArgs{
    				DateRange: &securityhub.AutomationRuleCriteriaFirstObservedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		GeneratorIds: securityhub.AutomationRuleCriteriaGeneratorIdArray{
    			&securityhub.AutomationRuleCriteriaGeneratorIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Ids: securityhub.AutomationRuleCriteriaIdArray{
    			&securityhub.AutomationRuleCriteriaIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		LastObservedAts: securityhub.AutomationRuleCriteriaLastObservedAtArray{
    			&securityhub.AutomationRuleCriteriaLastObservedAtArgs{
    				DateRange: &securityhub.AutomationRuleCriteriaLastObservedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		NoteTexts: securityhub.AutomationRuleCriteriaNoteTextArray{
    			&securityhub.AutomationRuleCriteriaNoteTextArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		NoteUpdatedAts: securityhub.AutomationRuleCriteriaNoteUpdatedAtArray{
    			&securityhub.AutomationRuleCriteriaNoteUpdatedAtArgs{
    				DateRange: &securityhub.AutomationRuleCriteriaNoteUpdatedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		NoteUpdatedBies: securityhub.AutomationRuleCriteriaNoteUpdatedByArray{
    			&securityhub.AutomationRuleCriteriaNoteUpdatedByArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ProductArns: securityhub.AutomationRuleCriteriaProductArnArray{
    			&securityhub.AutomationRuleCriteriaProductArnArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ProductNames: securityhub.AutomationRuleCriteriaProductNameArray{
    			&securityhub.AutomationRuleCriteriaProductNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		RecordStates: securityhub.AutomationRuleCriteriaRecordStateArray{
    			&securityhub.AutomationRuleCriteriaRecordStateArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		RelatedFindingsIds: securityhub.AutomationRuleCriteriaRelatedFindingsIdArray{
    			&securityhub.AutomationRuleCriteriaRelatedFindingsIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		RelatedFindingsProductArns: securityhub.AutomationRuleCriteriaRelatedFindingsProductArnArray{
    			&securityhub.AutomationRuleCriteriaRelatedFindingsProductArnArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceApplicationArns: securityhub.AutomationRuleCriteriaResourceApplicationArnArray{
    			&securityhub.AutomationRuleCriteriaResourceApplicationArnArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceApplicationNames: securityhub.AutomationRuleCriteriaResourceApplicationNameArray{
    			&securityhub.AutomationRuleCriteriaResourceApplicationNameArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceDetailsOthers: securityhub.AutomationRuleCriteriaResourceDetailsOtherArray{
    			&securityhub.AutomationRuleCriteriaResourceDetailsOtherArgs{
    				Comparison: pulumi.String("string"),
    				Key:        pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceIds: securityhub.AutomationRuleCriteriaResourceIdArray{
    			&securityhub.AutomationRuleCriteriaResourceIdArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourcePartitions: securityhub.AutomationRuleCriteriaResourcePartitionArray{
    			&securityhub.AutomationRuleCriteriaResourcePartitionArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceRegions: securityhub.AutomationRuleCriteriaResourceRegionArray{
    			&securityhub.AutomationRuleCriteriaResourceRegionArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceTags: securityhub.AutomationRuleCriteriaResourceTagArray{
    			&securityhub.AutomationRuleCriteriaResourceTagArgs{
    				Comparison: pulumi.String("string"),
    				Key:        pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		ResourceTypes: securityhub.AutomationRuleCriteriaResourceTypeArray{
    			&securityhub.AutomationRuleCriteriaResourceTypeArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		SeverityLabels: securityhub.AutomationRuleCriteriaSeverityLabelArray{
    			&securityhub.AutomationRuleCriteriaSeverityLabelArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		SourceUrls: securityhub.AutomationRuleCriteriaSourceUrlArray{
    			&securityhub.AutomationRuleCriteriaSourceUrlArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Titles: securityhub.AutomationRuleCriteriaTitleArray{
    			&securityhub.AutomationRuleCriteriaTitleArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		Types: securityhub.AutomationRuleCriteriaTypeArray{
    			&securityhub.AutomationRuleCriteriaTypeArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		UpdatedAts: securityhub.AutomationRuleCriteriaUpdatedAtArray{
    			&securityhub.AutomationRuleCriteriaUpdatedAtArgs{
    				DateRange: &securityhub.AutomationRuleCriteriaUpdatedAtDateRangeArgs{
    					Unit:  pulumi.String("string"),
    					Value: pulumi.Int(0),
    				},
    				End:   pulumi.String("string"),
    				Start: pulumi.String("string"),
    			},
    		},
    		UserDefinedFields: securityhub.AutomationRuleCriteriaUserDefinedFieldArray{
    			&securityhub.AutomationRuleCriteriaUserDefinedFieldArgs{
    				Comparison: pulumi.String("string"),
    				Key:        pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		VerificationStates: securityhub.AutomationRuleCriteriaVerificationStateArray{
    			&securityhub.AutomationRuleCriteriaVerificationStateArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    		WorkflowStatuses: securityhub.AutomationRuleCriteriaWorkflowStatusArray{
    			&securityhub.AutomationRuleCriteriaWorkflowStatusArgs{
    				Comparison: pulumi.String("string"),
    				Value:      pulumi.String("string"),
    			},
    		},
    	},
    	IsTerminal: pulumi.Bool(false),
    	RuleStatus: pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    })
    
    var automationRuleResource = new AutomationRule("automationRuleResource", AutomationRuleArgs.builder()
        .description("string")
        .ruleName("string")
        .ruleOrder(0)
        .actions(AutomationRuleActionArgs.builder()
            .findingFieldsUpdate(AutomationRuleActionFindingFieldsUpdateArgs.builder()
                .confidence(0)
                .criticality(0)
                .note(AutomationRuleActionFindingFieldsUpdateNoteArgs.builder()
                    .text("string")
                    .updatedBy("string")
                    .build())
                .relatedFindings(AutomationRuleActionFindingFieldsUpdateRelatedFindingArgs.builder()
                    .id("string")
                    .productArn("string")
                    .build())
                .severity(AutomationRuleActionFindingFieldsUpdateSeverityArgs.builder()
                    .label("string")
                    .product(0)
                    .build())
                .types("string")
                .userDefinedFields(Map.of("string", "string"))
                .verificationState("string")
                .workflow(AutomationRuleActionFindingFieldsUpdateWorkflowArgs.builder()
                    .status("string")
                    .build())
                .build())
            .type("string")
            .build())
        .criteria(AutomationRuleCriteriaArgs.builder()
            .awsAccountIds(AutomationRuleCriteriaAwsAccountIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .awsAccountNames(AutomationRuleCriteriaAwsAccountNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .companyNames(AutomationRuleCriteriaCompanyNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .complianceAssociatedStandardsIds(AutomationRuleCriteriaComplianceAssociatedStandardsIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .complianceSecurityControlIds(AutomationRuleCriteriaComplianceSecurityControlIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .complianceStatuses(AutomationRuleCriteriaComplianceStatusArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .confidences(AutomationRuleCriteriaConfidenceArgs.builder()
                .eq(0)
                .gt(0)
                .gte(0)
                .lt(0)
                .lte(0)
                .build())
            .createdAts(AutomationRuleCriteriaCreatedAtArgs.builder()
                .dateRange(AutomationRuleCriteriaCreatedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .criticalities(AutomationRuleCriteriaCriticalityArgs.builder()
                .eq(0)
                .gt(0)
                .gte(0)
                .lt(0)
                .lte(0)
                .build())
            .descriptions(AutomationRuleCriteriaDescriptionArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .firstObservedAts(AutomationRuleCriteriaFirstObservedAtArgs.builder()
                .dateRange(AutomationRuleCriteriaFirstObservedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .generatorIds(AutomationRuleCriteriaGeneratorIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .ids(AutomationRuleCriteriaIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .lastObservedAts(AutomationRuleCriteriaLastObservedAtArgs.builder()
                .dateRange(AutomationRuleCriteriaLastObservedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .noteTexts(AutomationRuleCriteriaNoteTextArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .noteUpdatedAts(AutomationRuleCriteriaNoteUpdatedAtArgs.builder()
                .dateRange(AutomationRuleCriteriaNoteUpdatedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .noteUpdatedBies(AutomationRuleCriteriaNoteUpdatedByArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .productArns(AutomationRuleCriteriaProductArnArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .productNames(AutomationRuleCriteriaProductNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .recordStates(AutomationRuleCriteriaRecordStateArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .relatedFindingsIds(AutomationRuleCriteriaRelatedFindingsIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .relatedFindingsProductArns(AutomationRuleCriteriaRelatedFindingsProductArnArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceApplicationArns(AutomationRuleCriteriaResourceApplicationArnArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceApplicationNames(AutomationRuleCriteriaResourceApplicationNameArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceDetailsOthers(AutomationRuleCriteriaResourceDetailsOtherArgs.builder()
                .comparison("string")
                .key("string")
                .value("string")
                .build())
            .resourceIds(AutomationRuleCriteriaResourceIdArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourcePartitions(AutomationRuleCriteriaResourcePartitionArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceRegions(AutomationRuleCriteriaResourceRegionArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .resourceTags(AutomationRuleCriteriaResourceTagArgs.builder()
                .comparison("string")
                .key("string")
                .value("string")
                .build())
            .resourceTypes(AutomationRuleCriteriaResourceTypeArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .severityLabels(AutomationRuleCriteriaSeverityLabelArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .sourceUrls(AutomationRuleCriteriaSourceUrlArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .titles(AutomationRuleCriteriaTitleArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .types(AutomationRuleCriteriaTypeArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .updatedAts(AutomationRuleCriteriaUpdatedAtArgs.builder()
                .dateRange(AutomationRuleCriteriaUpdatedAtDateRangeArgs.builder()
                    .unit("string")
                    .value(0)
                    .build())
                .end("string")
                .start("string")
                .build())
            .userDefinedFields(AutomationRuleCriteriaUserDefinedFieldArgs.builder()
                .comparison("string")
                .key("string")
                .value("string")
                .build())
            .verificationStates(AutomationRuleCriteriaVerificationStateArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .workflowStatuses(AutomationRuleCriteriaWorkflowStatusArgs.builder()
                .comparison("string")
                .value("string")
                .build())
            .build())
        .isTerminal(false)
        .ruleStatus("string")
        .tags(Map.of("string", "string"))
        .build());
    
    automation_rule_resource = aws.securityhub.AutomationRule("automationRuleResource",
        description="string",
        rule_name="string",
        rule_order=0,
        actions=[{
            "finding_fields_update": {
                "confidence": 0,
                "criticality": 0,
                "note": {
                    "text": "string",
                    "updated_by": "string",
                },
                "related_findings": [{
                    "id": "string",
                    "product_arn": "string",
                }],
                "severity": {
                    "label": "string",
                    "product": 0,
                },
                "types": ["string"],
                "user_defined_fields": {
                    "string": "string",
                },
                "verification_state": "string",
                "workflow": {
                    "status": "string",
                },
            },
            "type": "string",
        }],
        criteria={
            "aws_account_ids": [{
                "comparison": "string",
                "value": "string",
            }],
            "aws_account_names": [{
                "comparison": "string",
                "value": "string",
            }],
            "company_names": [{
                "comparison": "string",
                "value": "string",
            }],
            "compliance_associated_standards_ids": [{
                "comparison": "string",
                "value": "string",
            }],
            "compliance_security_control_ids": [{
                "comparison": "string",
                "value": "string",
            }],
            "compliance_statuses": [{
                "comparison": "string",
                "value": "string",
            }],
            "confidences": [{
                "eq": 0,
                "gt": 0,
                "gte": 0,
                "lt": 0,
                "lte": 0,
            }],
            "created_ats": [{
                "date_range": {
                    "unit": "string",
                    "value": 0,
                },
                "end": "string",
                "start": "string",
            }],
            "criticalities": [{
                "eq": 0,
                "gt": 0,
                "gte": 0,
                "lt": 0,
                "lte": 0,
            }],
            "descriptions": [{
                "comparison": "string",
                "value": "string",
            }],
            "first_observed_ats": [{
                "date_range": {
                    "unit": "string",
                    "value": 0,
                },
                "end": "string",
                "start": "string",
            }],
            "generator_ids": [{
                "comparison": "string",
                "value": "string",
            }],
            "ids": [{
                "comparison": "string",
                "value": "string",
            }],
            "last_observed_ats": [{
                "date_range": {
                    "unit": "string",
                    "value": 0,
                },
                "end": "string",
                "start": "string",
            }],
            "note_texts": [{
                "comparison": "string",
                "value": "string",
            }],
            "note_updated_ats": [{
                "date_range": {
                    "unit": "string",
                    "value": 0,
                },
                "end": "string",
                "start": "string",
            }],
            "note_updated_bies": [{
                "comparison": "string",
                "value": "string",
            }],
            "product_arns": [{
                "comparison": "string",
                "value": "string",
            }],
            "product_names": [{
                "comparison": "string",
                "value": "string",
            }],
            "record_states": [{
                "comparison": "string",
                "value": "string",
            }],
            "related_findings_ids": [{
                "comparison": "string",
                "value": "string",
            }],
            "related_findings_product_arns": [{
                "comparison": "string",
                "value": "string",
            }],
            "resource_application_arns": [{
                "comparison": "string",
                "value": "string",
            }],
            "resource_application_names": [{
                "comparison": "string",
                "value": "string",
            }],
            "resource_details_others": [{
                "comparison": "string",
                "key": "string",
                "value": "string",
            }],
            "resource_ids": [{
                "comparison": "string",
                "value": "string",
            }],
            "resource_partitions": [{
                "comparison": "string",
                "value": "string",
            }],
            "resource_regions": [{
                "comparison": "string",
                "value": "string",
            }],
            "resource_tags": [{
                "comparison": "string",
                "key": "string",
                "value": "string",
            }],
            "resource_types": [{
                "comparison": "string",
                "value": "string",
            }],
            "severity_labels": [{
                "comparison": "string",
                "value": "string",
            }],
            "source_urls": [{
                "comparison": "string",
                "value": "string",
            }],
            "titles": [{
                "comparison": "string",
                "value": "string",
            }],
            "types": [{
                "comparison": "string",
                "value": "string",
            }],
            "updated_ats": [{
                "date_range": {
                    "unit": "string",
                    "value": 0,
                },
                "end": "string",
                "start": "string",
            }],
            "user_defined_fields": [{
                "comparison": "string",
                "key": "string",
                "value": "string",
            }],
            "verification_states": [{
                "comparison": "string",
                "value": "string",
            }],
            "workflow_statuses": [{
                "comparison": "string",
                "value": "string",
            }],
        },
        is_terminal=False,
        rule_status="string",
        tags={
            "string": "string",
        })
    
    const automationRuleResource = new aws.securityhub.AutomationRule("automationRuleResource", {
        description: "string",
        ruleName: "string",
        ruleOrder: 0,
        actions: [{
            findingFieldsUpdate: {
                confidence: 0,
                criticality: 0,
                note: {
                    text: "string",
                    updatedBy: "string",
                },
                relatedFindings: [{
                    id: "string",
                    productArn: "string",
                }],
                severity: {
                    label: "string",
                    product: 0,
                },
                types: ["string"],
                userDefinedFields: {
                    string: "string",
                },
                verificationState: "string",
                workflow: {
                    status: "string",
                },
            },
            type: "string",
        }],
        criteria: {
            awsAccountIds: [{
                comparison: "string",
                value: "string",
            }],
            awsAccountNames: [{
                comparison: "string",
                value: "string",
            }],
            companyNames: [{
                comparison: "string",
                value: "string",
            }],
            complianceAssociatedStandardsIds: [{
                comparison: "string",
                value: "string",
            }],
            complianceSecurityControlIds: [{
                comparison: "string",
                value: "string",
            }],
            complianceStatuses: [{
                comparison: "string",
                value: "string",
            }],
            confidences: [{
                eq: 0,
                gt: 0,
                gte: 0,
                lt: 0,
                lte: 0,
            }],
            createdAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            criticalities: [{
                eq: 0,
                gt: 0,
                gte: 0,
                lt: 0,
                lte: 0,
            }],
            descriptions: [{
                comparison: "string",
                value: "string",
            }],
            firstObservedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            generatorIds: [{
                comparison: "string",
                value: "string",
            }],
            ids: [{
                comparison: "string",
                value: "string",
            }],
            lastObservedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            noteTexts: [{
                comparison: "string",
                value: "string",
            }],
            noteUpdatedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            noteUpdatedBies: [{
                comparison: "string",
                value: "string",
            }],
            productArns: [{
                comparison: "string",
                value: "string",
            }],
            productNames: [{
                comparison: "string",
                value: "string",
            }],
            recordStates: [{
                comparison: "string",
                value: "string",
            }],
            relatedFindingsIds: [{
                comparison: "string",
                value: "string",
            }],
            relatedFindingsProductArns: [{
                comparison: "string",
                value: "string",
            }],
            resourceApplicationArns: [{
                comparison: "string",
                value: "string",
            }],
            resourceApplicationNames: [{
                comparison: "string",
                value: "string",
            }],
            resourceDetailsOthers: [{
                comparison: "string",
                key: "string",
                value: "string",
            }],
            resourceIds: [{
                comparison: "string",
                value: "string",
            }],
            resourcePartitions: [{
                comparison: "string",
                value: "string",
            }],
            resourceRegions: [{
                comparison: "string",
                value: "string",
            }],
            resourceTags: [{
                comparison: "string",
                key: "string",
                value: "string",
            }],
            resourceTypes: [{
                comparison: "string",
                value: "string",
            }],
            severityLabels: [{
                comparison: "string",
                value: "string",
            }],
            sourceUrls: [{
                comparison: "string",
                value: "string",
            }],
            titles: [{
                comparison: "string",
                value: "string",
            }],
            types: [{
                comparison: "string",
                value: "string",
            }],
            updatedAts: [{
                dateRange: {
                    unit: "string",
                    value: 0,
                },
                end: "string",
                start: "string",
            }],
            userDefinedFields: [{
                comparison: "string",
                key: "string",
                value: "string",
            }],
            verificationStates: [{
                comparison: "string",
                value: "string",
            }],
            workflowStatuses: [{
                comparison: "string",
                value: "string",
            }],
        },
        isTerminal: false,
        ruleStatus: "string",
        tags: {
            string: "string",
        },
    });
    
    type: aws:securityhub:AutomationRule
    properties:
        actions:
            - findingFieldsUpdate:
                confidence: 0
                criticality: 0
                note:
                    text: string
                    updatedBy: string
                relatedFindings:
                    - id: string
                      productArn: string
                severity:
                    label: string
                    product: 0
                types:
                    - string
                userDefinedFields:
                    string: string
                verificationState: string
                workflow:
                    status: string
              type: string
        criteria:
            awsAccountIds:
                - comparison: string
                  value: string
            awsAccountNames:
                - comparison: string
                  value: string
            companyNames:
                - comparison: string
                  value: string
            complianceAssociatedStandardsIds:
                - comparison: string
                  value: string
            complianceSecurityControlIds:
                - comparison: string
                  value: string
            complianceStatuses:
                - comparison: string
                  value: string
            confidences:
                - eq: 0
                  gt: 0
                  gte: 0
                  lt: 0
                  lte: 0
            createdAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            criticalities:
                - eq: 0
                  gt: 0
                  gte: 0
                  lt: 0
                  lte: 0
            descriptions:
                - comparison: string
                  value: string
            firstObservedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            generatorIds:
                - comparison: string
                  value: string
            ids:
                - comparison: string
                  value: string
            lastObservedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            noteTexts:
                - comparison: string
                  value: string
            noteUpdatedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            noteUpdatedBies:
                - comparison: string
                  value: string
            productArns:
                - comparison: string
                  value: string
            productNames:
                - comparison: string
                  value: string
            recordStates:
                - comparison: string
                  value: string
            relatedFindingsIds:
                - comparison: string
                  value: string
            relatedFindingsProductArns:
                - comparison: string
                  value: string
            resourceApplicationArns:
                - comparison: string
                  value: string
            resourceApplicationNames:
                - comparison: string
                  value: string
            resourceDetailsOthers:
                - comparison: string
                  key: string
                  value: string
            resourceIds:
                - comparison: string
                  value: string
            resourcePartitions:
                - comparison: string
                  value: string
            resourceRegions:
                - comparison: string
                  value: string
            resourceTags:
                - comparison: string
                  key: string
                  value: string
            resourceTypes:
                - comparison: string
                  value: string
            severityLabels:
                - comparison: string
                  value: string
            sourceUrls:
                - comparison: string
                  value: string
            titles:
                - comparison: string
                  value: string
            types:
                - comparison: string
                  value: string
            updatedAts:
                - dateRange:
                    unit: string
                    value: 0
                  end: string
                  start: string
            userDefinedFields:
                - comparison: string
                  key: string
                  value: string
            verificationStates:
                - comparison: string
                  value: string
            workflowStatuses:
                - comparison: string
                  value: string
        description: string
        isTerminal: false
        ruleName: string
        ruleOrder: 0
        ruleStatus: string
        tags:
            string: string
    

    AutomationRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The AutomationRule resource accepts the following input properties:

    Description string
    The description of the rule.
    RuleName string
    The name of the rule.
    RuleOrder int
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    Actions List<AutomationRuleAction>
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    Criteria AutomationRuleCriteria
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    IsTerminal bool
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    RuleStatus string
    Whether the rule is active after it is created.
    Tags Dictionary<string, string>
    Description string
    The description of the rule.
    RuleName string
    The name of the rule.
    RuleOrder int
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    Actions []AutomationRuleActionArgs
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    Criteria AutomationRuleCriteriaArgs
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    IsTerminal bool
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    RuleStatus string
    Whether the rule is active after it is created.
    Tags map[string]string
    description String
    The description of the rule.
    ruleName String
    The name of the rule.
    ruleOrder Integer
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    actions List<AutomationRuleAction>
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    criteria AutomationRuleCriteria
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    isTerminal Boolean
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    ruleStatus String
    Whether the rule is active after it is created.
    tags Map<String,String>
    description string
    The description of the rule.
    ruleName string
    The name of the rule.
    ruleOrder number
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    actions AutomationRuleAction[]
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    criteria AutomationRuleCriteria
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    isTerminal boolean
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    ruleStatus string
    Whether the rule is active after it is created.
    tags {[key: string]: string}
    description str
    The description of the rule.
    rule_name str
    The name of the rule.
    rule_order int
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    actions Sequence[AutomationRuleActionArgs]
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    criteria AutomationRuleCriteriaArgs
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    is_terminal bool
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    rule_status str
    Whether the rule is active after it is created.
    tags Mapping[str, str]
    description String
    The description of the rule.
    ruleName String
    The name of the rule.
    ruleOrder Number
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    actions List<Property Map>
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    criteria Property Map
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    isTerminal Boolean
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    ruleStatus String
    Whether the rule is active after it is created.
    tags Map<String>

    Outputs

    All input properties are implicitly available as output properties. Additionally, the AutomationRule resource produces the following output properties:

    Arn string
    The ARN of the Security Hub automation rule.
    Id string
    The provider-assigned unique ID for this managed resource.
    TagsAll Dictionary<string, string>

    Deprecated: Please use tags instead.

    Arn string
    The ARN of the Security Hub automation rule.
    Id string
    The provider-assigned unique ID for this managed resource.
    TagsAll map[string]string

    Deprecated: Please use tags instead.

    arn String
    The ARN of the Security Hub automation rule.
    id String
    The provider-assigned unique ID for this managed resource.
    tagsAll Map<String,String>

    Deprecated: Please use tags instead.

    arn string
    The ARN of the Security Hub automation rule.
    id string
    The provider-assigned unique ID for this managed resource.
    tagsAll {[key: string]: string}

    Deprecated: Please use tags instead.

    arn str
    The ARN of the Security Hub automation rule.
    id str
    The provider-assigned unique ID for this managed resource.
    tags_all Mapping[str, str]

    Deprecated: Please use tags instead.

    arn String
    The ARN of the Security Hub automation rule.
    id String
    The provider-assigned unique ID for this managed resource.
    tagsAll Map<String>

    Deprecated: Please use tags instead.

    Look up Existing AutomationRule Resource

    Get an existing AutomationRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: AutomationRuleState, opts?: CustomResourceOptions): AutomationRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            actions: Optional[Sequence[AutomationRuleActionArgs]] = None,
            arn: Optional[str] = None,
            criteria: Optional[AutomationRuleCriteriaArgs] = None,
            description: Optional[str] = None,
            is_terminal: Optional[bool] = None,
            rule_name: Optional[str] = None,
            rule_order: Optional[int] = None,
            rule_status: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None) -> AutomationRule
    func GetAutomationRule(ctx *Context, name string, id IDInput, state *AutomationRuleState, opts ...ResourceOption) (*AutomationRule, error)
    public static AutomationRule Get(string name, Input<string> id, AutomationRuleState? state, CustomResourceOptions? opts = null)
    public static AutomationRule get(String name, Output<String> id, AutomationRuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Actions List<AutomationRuleAction>
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    Arn string
    The ARN of the Security Hub automation rule.
    Criteria AutomationRuleCriteria
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    Description string
    The description of the rule.
    IsTerminal bool
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    RuleName string
    The name of the rule.
    RuleOrder int
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    RuleStatus string
    Whether the rule is active after it is created.
    Tags Dictionary<string, string>
    TagsAll Dictionary<string, string>

    Deprecated: Please use tags instead.

    Actions []AutomationRuleActionArgs
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    Arn string
    The ARN of the Security Hub automation rule.
    Criteria AutomationRuleCriteriaArgs
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    Description string
    The description of the rule.
    IsTerminal bool
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    RuleName string
    The name of the rule.
    RuleOrder int
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    RuleStatus string
    Whether the rule is active after it is created.
    Tags map[string]string
    TagsAll map[string]string

    Deprecated: Please use tags instead.

    actions List<AutomationRuleAction>
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    arn String
    The ARN of the Security Hub automation rule.
    criteria AutomationRuleCriteria
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    description String
    The description of the rule.
    isTerminal Boolean
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    ruleName String
    The name of the rule.
    ruleOrder Integer
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    ruleStatus String
    Whether the rule is active after it is created.
    tags Map<String,String>
    tagsAll Map<String,String>

    Deprecated: Please use tags instead.

    actions AutomationRuleAction[]
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    arn string
    The ARN of the Security Hub automation rule.
    criteria AutomationRuleCriteria
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    description string
    The description of the rule.
    isTerminal boolean
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    ruleName string
    The name of the rule.
    ruleOrder number
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    ruleStatus string
    Whether the rule is active after it is created.
    tags {[key: string]: string}
    tagsAll {[key: string]: string}

    Deprecated: Please use tags instead.

    actions Sequence[AutomationRuleActionArgs]
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    arn str
    The ARN of the Security Hub automation rule.
    criteria AutomationRuleCriteriaArgs
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    description str
    The description of the rule.
    is_terminal bool
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    rule_name str
    The name of the rule.
    rule_order int
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    rule_status str
    Whether the rule is active after it is created.
    tags Mapping[str, str]
    tags_all Mapping[str, str]

    Deprecated: Please use tags instead.

    actions List<Property Map>
    A block that specifies one or more actions to update finding fields if a finding matches the conditions specified in Criteria. Documented below.
    arn String
    The ARN of the Security Hub automation rule.
    criteria Property Map
    A block that specifies a set of ASFF finding field attributes and corresponding expected values that Security Hub uses to filter findings. Documented below.
    description String
    The description of the rule.
    isTerminal Boolean
    Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. Defaults to false.
    ruleName String
    The name of the rule.
    ruleOrder Number
    An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.
    ruleStatus String
    Whether the rule is active after it is created.
    tags Map<String>
    tagsAll Map<String>

    Deprecated: Please use tags instead.

    Supporting Types

    AutomationRuleAction, AutomationRuleActionArgs

    FindingFieldsUpdate AutomationRuleActionFindingFieldsUpdate
    A block that specifies that the automation rule action is an update to a finding field. Documented below.
    Type string
    Specifies that the rule action should update the Types finding field. The Types finding field classifies findings in the format of namespace/category/classifier.
    FindingFieldsUpdate AutomationRuleActionFindingFieldsUpdate
    A block that specifies that the automation rule action is an update to a finding field. Documented below.
    Type string
    Specifies that the rule action should update the Types finding field. The Types finding field classifies findings in the format of namespace/category/classifier.
    findingFieldsUpdate AutomationRuleActionFindingFieldsUpdate
    A block that specifies that the automation rule action is an update to a finding field. Documented below.
    type String
    Specifies that the rule action should update the Types finding field. The Types finding field classifies findings in the format of namespace/category/classifier.
    findingFieldsUpdate AutomationRuleActionFindingFieldsUpdate
    A block that specifies that the automation rule action is an update to a finding field. Documented below.
    type string
    Specifies that the rule action should update the Types finding field. The Types finding field classifies findings in the format of namespace/category/classifier.
    finding_fields_update AutomationRuleActionFindingFieldsUpdate
    A block that specifies that the automation rule action is an update to a finding field. Documented below.
    type str
    Specifies that the rule action should update the Types finding field. The Types finding field classifies findings in the format of namespace/category/classifier.
    findingFieldsUpdate Property Map
    A block that specifies that the automation rule action is an update to a finding field. Documented below.
    type String
    Specifies that the rule action should update the Types finding field. The Types finding field classifies findings in the format of namespace/category/classifier.

    AutomationRuleActionFindingFieldsUpdate, AutomationRuleActionFindingFieldsUpdateArgs

    Confidence int
    The rule action updates the Confidence field of a finding.
    Criticality int
    The rule action updates the Criticality field of a finding.
    Note AutomationRuleActionFindingFieldsUpdateNote
    A resource block that updates the note. Documented below.
    RelatedFindings List<AutomationRuleActionFindingFieldsUpdateRelatedFinding>
    A resource block that the rule action updates the RelatedFindings field of a finding. Documented below.
    Severity AutomationRuleActionFindingFieldsUpdateSeverity
    A resource block that updates to the severity information for a finding. Documented below.
    Types List<string>
    The rule action updates the Types field of a finding.
    UserDefinedFields Dictionary<string, string>
    The rule action updates the UserDefinedFields field of a finding.
    VerificationState string
    The rule action updates the VerificationState field of a finding. The allowed values are the following UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE and BENIGN_POSITIVE.
    Workflow AutomationRuleActionFindingFieldsUpdateWorkflow
    A resource block that is used to update information about the investigation into the finding. Documented below.
    Confidence int
    The rule action updates the Confidence field of a finding.
    Criticality int
    The rule action updates the Criticality field of a finding.
    Note AutomationRuleActionFindingFieldsUpdateNote
    A resource block that updates the note. Documented below.
    RelatedFindings []AutomationRuleActionFindingFieldsUpdateRelatedFinding
    A resource block that the rule action updates the RelatedFindings field of a finding. Documented below.
    Severity AutomationRuleActionFindingFieldsUpdateSeverity
    A resource block that updates to the severity information for a finding. Documented below.
    Types []string
    The rule action updates the Types field of a finding.
    UserDefinedFields map[string]string
    The rule action updates the UserDefinedFields field of a finding.
    VerificationState string
    The rule action updates the VerificationState field of a finding. The allowed values are the following UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE and BENIGN_POSITIVE.
    Workflow AutomationRuleActionFindingFieldsUpdateWorkflow
    A resource block that is used to update information about the investigation into the finding. Documented below.
    confidence Integer
    The rule action updates the Confidence field of a finding.
    criticality Integer
    The rule action updates the Criticality field of a finding.
    note AutomationRuleActionFindingFieldsUpdateNote
    A resource block that updates the note. Documented below.
    relatedFindings List<AutomationRuleActionFindingFieldsUpdateRelatedFinding>
    A resource block that the rule action updates the RelatedFindings field of a finding. Documented below.
    severity AutomationRuleActionFindingFieldsUpdateSeverity
    A resource block that updates to the severity information for a finding. Documented below.
    types List<String>
    The rule action updates the Types field of a finding.
    userDefinedFields Map<String,String>
    The rule action updates the UserDefinedFields field of a finding.
    verificationState String
    The rule action updates the VerificationState field of a finding. The allowed values are the following UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE and BENIGN_POSITIVE.
    workflow AutomationRuleActionFindingFieldsUpdateWorkflow
    A resource block that is used to update information about the investigation into the finding. Documented below.
    confidence number
    The rule action updates the Confidence field of a finding.
    criticality number
    The rule action updates the Criticality field of a finding.
    note AutomationRuleActionFindingFieldsUpdateNote
    A resource block that updates the note. Documented below.
    relatedFindings AutomationRuleActionFindingFieldsUpdateRelatedFinding[]
    A resource block that the rule action updates the RelatedFindings field of a finding. Documented below.
    severity AutomationRuleActionFindingFieldsUpdateSeverity
    A resource block that updates to the severity information for a finding. Documented below.
    types string[]
    The rule action updates the Types field of a finding.
    userDefinedFields {[key: string]: string}
    The rule action updates the UserDefinedFields field of a finding.
    verificationState string
    The rule action updates the VerificationState field of a finding. The allowed values are the following UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE and BENIGN_POSITIVE.
    workflow AutomationRuleActionFindingFieldsUpdateWorkflow
    A resource block that is used to update information about the investigation into the finding. Documented below.
    confidence int
    The rule action updates the Confidence field of a finding.
    criticality int
    The rule action updates the Criticality field of a finding.
    note AutomationRuleActionFindingFieldsUpdateNote
    A resource block that updates the note. Documented below.
    related_findings Sequence[AutomationRuleActionFindingFieldsUpdateRelatedFinding]
    A resource block that the rule action updates the RelatedFindings field of a finding. Documented below.
    severity AutomationRuleActionFindingFieldsUpdateSeverity
    A resource block that updates to the severity information for a finding. Documented below.
    types Sequence[str]
    The rule action updates the Types field of a finding.
    user_defined_fields Mapping[str, str]
    The rule action updates the UserDefinedFields field of a finding.
    verification_state str
    The rule action updates the VerificationState field of a finding. The allowed values are the following UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE and BENIGN_POSITIVE.
    workflow AutomationRuleActionFindingFieldsUpdateWorkflow
    A resource block that is used to update information about the investigation into the finding. Documented below.
    confidence Number
    The rule action updates the Confidence field of a finding.
    criticality Number
    The rule action updates the Criticality field of a finding.
    note Property Map
    A resource block that updates the note. Documented below.
    relatedFindings List<Property Map>
    A resource block that the rule action updates the RelatedFindings field of a finding. Documented below.
    severity Property Map
    A resource block that updates to the severity information for a finding. Documented below.
    types List<String>
    The rule action updates the Types field of a finding.
    userDefinedFields Map<String>
    The rule action updates the UserDefinedFields field of a finding.
    verificationState String
    The rule action updates the VerificationState field of a finding. The allowed values are the following UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE and BENIGN_POSITIVE.
    workflow Property Map
    A resource block that is used to update information about the investigation into the finding. Documented below.

    AutomationRuleActionFindingFieldsUpdateNote, AutomationRuleActionFindingFieldsUpdateNoteArgs

    Text string
    The updated note text.
    UpdatedBy string
    The principal that updated the note.
    Text string
    The updated note text.
    UpdatedBy string
    The principal that updated the note.
    text String
    The updated note text.
    updatedBy String
    The principal that updated the note.
    text string
    The updated note text.
    updatedBy string
    The principal that updated the note.
    text str
    The updated note text.
    updated_by str
    The principal that updated the note.
    text String
    The updated note text.
    updatedBy String
    The principal that updated the note.

    AutomationRuleActionFindingFieldsUpdateRelatedFinding, AutomationRuleActionFindingFieldsUpdateRelatedFindingArgs

    Id string
    The product-generated identifier for a related finding.
    ProductArn string
    The ARN of the product that generated a related finding.
    Id string
    The product-generated identifier for a related finding.
    ProductArn string
    The ARN of the product that generated a related finding.
    id String
    The product-generated identifier for a related finding.
    productArn String
    The ARN of the product that generated a related finding.
    id string
    The product-generated identifier for a related finding.
    productArn string
    The ARN of the product that generated a related finding.
    id str
    The product-generated identifier for a related finding.
    product_arn str
    The ARN of the product that generated a related finding.
    id String
    The product-generated identifier for a related finding.
    productArn String
    The ARN of the product that generated a related finding.

    AutomationRuleActionFindingFieldsUpdateSeverity, AutomationRuleActionFindingFieldsUpdateSeverityArgs

    Label string
    The severity value of the finding. The allowed values are the following INFORMATIONAL, LOW, MEDIUM, HIGH and CRITICAL.
    Product double
    The native severity as defined by the AWS service or integrated partner product that generated the finding.
    Label string
    The severity value of the finding. The allowed values are the following INFORMATIONAL, LOW, MEDIUM, HIGH and CRITICAL.
    Product float64
    The native severity as defined by the AWS service or integrated partner product that generated the finding.
    label String
    The severity value of the finding. The allowed values are the following INFORMATIONAL, LOW, MEDIUM, HIGH and CRITICAL.
    product Double
    The native severity as defined by the AWS service or integrated partner product that generated the finding.
    label string
    The severity value of the finding. The allowed values are the following INFORMATIONAL, LOW, MEDIUM, HIGH and CRITICAL.
    product number
    The native severity as defined by the AWS service or integrated partner product that generated the finding.
    label str
    The severity value of the finding. The allowed values are the following INFORMATIONAL, LOW, MEDIUM, HIGH and CRITICAL.
    product float
    The native severity as defined by the AWS service or integrated partner product that generated the finding.
    label String
    The severity value of the finding. The allowed values are the following INFORMATIONAL, LOW, MEDIUM, HIGH and CRITICAL.
    product Number
    The native severity as defined by the AWS service or integrated partner product that generated the finding.

    AutomationRuleActionFindingFieldsUpdateWorkflow, AutomationRuleActionFindingFieldsUpdateWorkflowArgs

    Status string
    The status of the investigation into the finding. The allowed values are the following NEW, NOTIFIED, RESOLVED and SUPPRESSED.
    Status string
    The status of the investigation into the finding. The allowed values are the following NEW, NOTIFIED, RESOLVED and SUPPRESSED.
    status String
    The status of the investigation into the finding. The allowed values are the following NEW, NOTIFIED, RESOLVED and SUPPRESSED.
    status string
    The status of the investigation into the finding. The allowed values are the following NEW, NOTIFIED, RESOLVED and SUPPRESSED.
    status str
    The status of the investigation into the finding. The allowed values are the following NEW, NOTIFIED, RESOLVED and SUPPRESSED.
    status String
    The status of the investigation into the finding. The allowed values are the following NEW, NOTIFIED, RESOLVED and SUPPRESSED.

    AutomationRuleCriteria, AutomationRuleCriteriaArgs

    AwsAccountIds List<AutomationRuleCriteriaAwsAccountId>
    The AWS account ID in which a finding was generated. Documented below.
    AwsAccountNames List<AutomationRuleCriteriaAwsAccountName>
    The name of the AWS account in which a finding was generated. Documented below.
    CompanyNames List<AutomationRuleCriteriaCompanyName>
    The name of the company for the product that generated the finding. For control-based findings, the company is AWS. Documented below.
    ComplianceAssociatedStandardsIds List<AutomationRuleCriteriaComplianceAssociatedStandardsId>
    The unique identifier of a standard in which a control is enabled. Documented below.
    ComplianceSecurityControlIds List<AutomationRuleCriteriaComplianceSecurityControlId>
    The security control ID for which a finding was generated. Security control IDs are the same across standards. Documented below.
    ComplianceStatuses List<AutomationRuleCriteriaComplianceStatus>
    The result of a security check. This field is only used for findings generated from controls. Documented below.
    Confidences List<AutomationRuleCriteriaConfidence>
    The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0–100 basis using a ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means 100 percent confidence. Documented below.
    CreatedAts List<AutomationRuleCriteriaCreatedAt>
    A timestamp that indicates when this finding record was created. Documented below.
    Criticalities List<AutomationRuleCriteriaCriticality>
    The level of importance that is assigned to the resources that are associated with a finding. Documented below.
    Descriptions List<AutomationRuleCriteriaDescription>
    A finding's description. Documented below.
    FirstObservedAts List<AutomationRuleCriteriaFirstObservedAt>
    A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. Documented below.
    GeneratorIds List<AutomationRuleCriteriaGeneratorId>
    The identifier for the solution-specific component that generated a finding. Documented below.
    Ids List<AutomationRuleCriteriaId>
    The product-specific identifier for a finding. Documented below.
    LastObservedAts List<AutomationRuleCriteriaLastObservedAt>
    A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product. Documented below.
    NoteTexts List<AutomationRuleCriteriaNoteText>
    The text of a user-defined note that's added to a finding. Documented below.
    NoteUpdatedAts List<AutomationRuleCriteriaNoteUpdatedAt>
    The timestamp of when the note was updated. Documented below.
    NoteUpdatedBies List<AutomationRuleCriteriaNoteUpdatedBy>
    The principal that created a note. Documented below.
    ProductArns List<AutomationRuleCriteriaProductArn>
    The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Documented below.
    ProductNames List<AutomationRuleCriteriaProductName>
    Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Documented below.
    RecordStates List<AutomationRuleCriteriaRecordState>
    Provides the current state of a finding. Documented below.
    RelatedFindingsIds List<AutomationRuleCriteriaRelatedFindingsId>
    The product-generated identifier for a related finding. Documented below.
    RelatedFindingsProductArns List<AutomationRuleCriteriaRelatedFindingsProductArn>
    The ARN for the product that generated a related finding. Documented below.
    ResourceApplicationArns List<AutomationRuleCriteriaResourceApplicationArn>
    The Amazon Resource Name (ARN) of the application that is related to a finding. Documented below.
    ResourceApplicationNames List<AutomationRuleCriteriaResourceApplicationName>
    The name of the application that is related to a finding. Documented below.
    ResourceDetailsOthers List<AutomationRuleCriteriaResourceDetailsOther>
    Custom fields and values about the resource that a finding pertains to. Documented below.
    ResourceIds List<AutomationRuleCriteriaResourceId>
    The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. Documented below.
    ResourcePartitions List<AutomationRuleCriteriaResourcePartition>
    The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions. Each AWS account is scoped to one partition. Documented below.
    ResourceRegions List<AutomationRuleCriteriaResourceRegion>
    The AWS Region where the resource that a finding pertains to is located. Documented below.
    ResourceTags List<AutomationRuleCriteriaResourceTag>
    A list of AWS tags associated with a resource at the time the finding was processed. Documented below.
    ResourceTypes List<AutomationRuleCriteriaResourceType>
    The type of resource that the finding pertains to. Documented below.
    SeverityLabels List<AutomationRuleCriteriaSeverityLabel>
    The severity value of the finding. Documented below.
    SourceUrls List<AutomationRuleCriteriaSourceUrl>
    Provides a URL that links to a page about the current finding in the finding product. Documented below.
    Titles List<AutomationRuleCriteriaTitle>
    A finding's title. Documented below.
    Types List<AutomationRuleCriteriaType>
    One or more finding types in the format of namespace/category/classifier that classify a finding. Documented below.
    UpdatedAts List<AutomationRuleCriteriaUpdatedAt>
    A timestamp that indicates when the finding record was most recently updated. Documented below.
    UserDefinedFields List<AutomationRuleCriteriaUserDefinedField>
    A list of user-defined name and value string pairs added to a finding. Documented below.
    VerificationStates List<AutomationRuleCriteriaVerificationState>
    Provides the veracity of a finding. Documented below.
    WorkflowStatuses List<AutomationRuleCriteriaWorkflowStatus>
    Provides information about the status of the investigation into a finding. Documented below.
    AwsAccountIds []AutomationRuleCriteriaAwsAccountId
    The AWS account ID in which a finding was generated. Documented below.
    AwsAccountNames []AutomationRuleCriteriaAwsAccountName
    The name of the AWS account in which a finding was generated. Documented below.
    CompanyNames []AutomationRuleCriteriaCompanyName
    The name of the company for the product that generated the finding. For control-based findings, the company is AWS. Documented below.
    ComplianceAssociatedStandardsIds []AutomationRuleCriteriaComplianceAssociatedStandardsId
    The unique identifier of a standard in which a control is enabled. Documented below.
    ComplianceSecurityControlIds []AutomationRuleCriteriaComplianceSecurityControlId
    The security control ID for which a finding was generated. Security control IDs are the same across standards. Documented below.
    ComplianceStatuses []AutomationRuleCriteriaComplianceStatus
    The result of a security check. This field is only used for findings generated from controls. Documented below.
    Confidences []AutomationRuleCriteriaConfidence
    The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0–100 basis using a ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means 100 percent confidence. Documented below.
    CreatedAts []AutomationRuleCriteriaCreatedAt
    A timestamp that indicates when this finding record was created. Documented below.
    Criticalities []AutomationRuleCriteriaCriticality
    The level of importance that is assigned to the resources that are associated with a finding. Documented below.
    Descriptions []AutomationRuleCriteriaDescription
    A finding's description. Documented below.
    FirstObservedAts []AutomationRuleCriteriaFirstObservedAt
    A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. Documented below.
    GeneratorIds []AutomationRuleCriteriaGeneratorId
    The identifier for the solution-specific component that generated a finding. Documented below.
    Ids []AutomationRuleCriteriaId
    The product-specific identifier for a finding. Documented below.
    LastObservedAts []AutomationRuleCriteriaLastObservedAt
    A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product. Documented below.
    NoteTexts []AutomationRuleCriteriaNoteText
    The text of a user-defined note that's added to a finding. Documented below.
    NoteUpdatedAts []AutomationRuleCriteriaNoteUpdatedAt
    The timestamp of when the note was updated. Documented below.
    NoteUpdatedBies []AutomationRuleCriteriaNoteUpdatedBy
    The principal that created a note. Documented below.
    ProductArns []AutomationRuleCriteriaProductArn
    The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Documented below.
    ProductNames []AutomationRuleCriteriaProductName
    Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Documented below.
    RecordStates []AutomationRuleCriteriaRecordState
    Provides the current state of a finding. Documented below.
    RelatedFindingsIds []AutomationRuleCriteriaRelatedFindingsId
    The product-generated identifier for a related finding. Documented below.
    RelatedFindingsProductArns []AutomationRuleCriteriaRelatedFindingsProductArn
    The ARN for the product that generated a related finding. Documented below.
    ResourceApplicationArns []AutomationRuleCriteriaResourceApplicationArn
    The Amazon Resource Name (ARN) of the application that is related to a finding. Documented below.
    ResourceApplicationNames []AutomationRuleCriteriaResourceApplicationName
    The name of the application that is related to a finding. Documented below.
    ResourceDetailsOthers []AutomationRuleCriteriaResourceDetailsOther
    Custom fields and values about the resource that a finding pertains to. Documented below.
    ResourceIds []AutomationRuleCriteriaResourceId
    The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. Documented below.
    ResourcePartitions []AutomationRuleCriteriaResourcePartition
    The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions. Each AWS account is scoped to one partition. Documented below.
    ResourceRegions []AutomationRuleCriteriaResourceRegion
    The AWS Region where the resource that a finding pertains to is located. Documented below.
    ResourceTags []AutomationRuleCriteriaResourceTag
    A list of AWS tags associated with a resource at the time the finding was processed. Documented below.
    ResourceTypes []AutomationRuleCriteriaResourceType
    The type of resource that the finding pertains to. Documented below.
    SeverityLabels []AutomationRuleCriteriaSeverityLabel
    The severity value of the finding. Documented below.
    SourceUrls []AutomationRuleCriteriaSourceUrl
    Provides a URL that links to a page about the current finding in the finding product. Documented below.
    Titles []AutomationRuleCriteriaTitle
    A finding's title. Documented below.
    Types []AutomationRuleCriteriaType
    One or more finding types in the format of namespace/category/classifier that classify a finding. Documented below.
    UpdatedAts []AutomationRuleCriteriaUpdatedAt
    A timestamp that indicates when the finding record was most recently updated. Documented below.
    UserDefinedFields []AutomationRuleCriteriaUserDefinedField
    A list of user-defined name and value string pairs added to a finding. Documented below.
    VerificationStates []AutomationRuleCriteriaVerificationState
    Provides the veracity of a finding. Documented below.
    WorkflowStatuses []AutomationRuleCriteriaWorkflowStatus
    Provides information about the status of the investigation into a finding. Documented below.
    awsAccountIds List<AutomationRuleCriteriaAwsAccountId>
    The AWS account ID in which a finding was generated. Documented below.
    awsAccountNames List<AutomationRuleCriteriaAwsAccountName>
    The name of the AWS account in which a finding was generated. Documented below.
    companyNames List<AutomationRuleCriteriaCompanyName>
    The name of the company for the product that generated the finding. For control-based findings, the company is AWS. Documented below.
    complianceAssociatedStandardsIds List<AutomationRuleCriteriaComplianceAssociatedStandardsId>
    The unique identifier of a standard in which a control is enabled. Documented below.
    complianceSecurityControlIds List<AutomationRuleCriteriaComplianceSecurityControlId>
    The security control ID for which a finding was generated. Security control IDs are the same across standards. Documented below.
    complianceStatuses List<AutomationRuleCriteriaComplianceStatus>
    The result of a security check. This field is only used for findings generated from controls. Documented below.
    confidences List<AutomationRuleCriteriaConfidence>
    The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0–100 basis using a ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means 100 percent confidence. Documented below.
    createdAts List<AutomationRuleCriteriaCreatedAt>
    A timestamp that indicates when this finding record was created. Documented below.
    criticalities List<AutomationRuleCriteriaCriticality>
    The level of importance that is assigned to the resources that are associated with a finding. Documented below.
    descriptions List<AutomationRuleCriteriaDescription>
    A finding's description. Documented below.
    firstObservedAts List<AutomationRuleCriteriaFirstObservedAt>
    A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. Documented below.
    generatorIds List<AutomationRuleCriteriaGeneratorId>
    The identifier for the solution-specific component that generated a finding. Documented below.
    ids List<AutomationRuleCriteriaId>
    The product-specific identifier for a finding. Documented below.
    lastObservedAts List<AutomationRuleCriteriaLastObservedAt>
    A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product. Documented below.
    noteTexts List<AutomationRuleCriteriaNoteText>
    The text of a user-defined note that's added to a finding. Documented below.
    noteUpdatedAts List<AutomationRuleCriteriaNoteUpdatedAt>
    The timestamp of when the note was updated. Documented below.
    noteUpdatedBies List<AutomationRuleCriteriaNoteUpdatedBy>
    The principal that created a note. Documented below.
    productArns List<AutomationRuleCriteriaProductArn>
    The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Documented below.
    productNames List<AutomationRuleCriteriaProductName>
    Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Documented below.
    recordStates List<AutomationRuleCriteriaRecordState>
    Provides the current state of a finding. Documented below.
    relatedFindingsIds List<AutomationRuleCriteriaRelatedFindingsId>
    The product-generated identifier for a related finding. Documented below.
    relatedFindingsProductArns List<AutomationRuleCriteriaRelatedFindingsProductArn>
    The ARN for the product that generated a related finding. Documented below.
    resourceApplicationArns List<AutomationRuleCriteriaResourceApplicationArn>
    The Amazon Resource Name (ARN) of the application that is related to a finding. Documented below.
    resourceApplicationNames List<AutomationRuleCriteriaResourceApplicationName>
    The name of the application that is related to a finding. Documented below.
    resourceDetailsOthers List<AutomationRuleCriteriaResourceDetailsOther>
    Custom fields and values about the resource that a finding pertains to. Documented below.
    resourceIds List<AutomationRuleCriteriaResourceId>
    The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. Documented below.
    resourcePartitions List<AutomationRuleCriteriaResourcePartition>
    The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions. Each AWS account is scoped to one partition. Documented below.
    resourceRegions List<AutomationRuleCriteriaResourceRegion>
    The AWS Region where the resource that a finding pertains to is located. Documented below.
    resourceTags List<AutomationRuleCriteriaResourceTag>
    A list of AWS tags associated with a resource at the time the finding was processed. Documented below.
    resourceTypes List<AutomationRuleCriteriaResourceType>
    The type of resource that the finding pertains to. Documented below.
    severityLabels List<AutomationRuleCriteriaSeverityLabel>
    The severity value of the finding. Documented below.
    sourceUrls List<AutomationRuleCriteriaSourceUrl>
    Provides a URL that links to a page about the current finding in the finding product. Documented below.
    titles List<AutomationRuleCriteriaTitle>
    A finding's title. Documented below.
    types List<AutomationRuleCriteriaType>
    One or more finding types in the format of namespace/category/classifier that classify a finding. Documented below.
    updatedAts List<AutomationRuleCriteriaUpdatedAt>
    A timestamp that indicates when the finding record was most recently updated. Documented below.
    userDefinedFields List<AutomationRuleCriteriaUserDefinedField>
    A list of user-defined name and value string pairs added to a finding. Documented below.
    verificationStates List<AutomationRuleCriteriaVerificationState>
    Provides the veracity of a finding. Documented below.
    workflowStatuses List<AutomationRuleCriteriaWorkflowStatus>
    Provides information about the status of the investigation into a finding. Documented below.
    awsAccountIds AutomationRuleCriteriaAwsAccountId[]
    The AWS account ID in which a finding was generated. Documented below.
    awsAccountNames AutomationRuleCriteriaAwsAccountName[]
    The name of the AWS account in which a finding was generated. Documented below.
    companyNames AutomationRuleCriteriaCompanyName[]
    The name of the company for the product that generated the finding. For control-based findings, the company is AWS. Documented below.
    complianceAssociatedStandardsIds AutomationRuleCriteriaComplianceAssociatedStandardsId[]
    The unique identifier of a standard in which a control is enabled. Documented below.
    complianceSecurityControlIds AutomationRuleCriteriaComplianceSecurityControlId[]
    The security control ID for which a finding was generated. Security control IDs are the same across standards. Documented below.
    complianceStatuses AutomationRuleCriteriaComplianceStatus[]
    The result of a security check. This field is only used for findings generated from controls. Documented below.
    confidences AutomationRuleCriteriaConfidence[]
    The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0–100 basis using a ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means 100 percent confidence. Documented below.
    createdAts AutomationRuleCriteriaCreatedAt[]
    A timestamp that indicates when this finding record was created. Documented below.
    criticalities AutomationRuleCriteriaCriticality[]
    The level of importance that is assigned to the resources that are associated with a finding. Documented below.
    descriptions AutomationRuleCriteriaDescription[]
    A finding's description. Documented below.
    firstObservedAts AutomationRuleCriteriaFirstObservedAt[]
    A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. Documented below.
    generatorIds AutomationRuleCriteriaGeneratorId[]
    The identifier for the solution-specific component that generated a finding. Documented below.
    ids AutomationRuleCriteriaId[]
    The product-specific identifier for a finding. Documented below.
    lastObservedAts AutomationRuleCriteriaLastObservedAt[]
    A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product. Documented below.
    noteTexts AutomationRuleCriteriaNoteText[]
    The text of a user-defined note that's added to a finding. Documented below.
    noteUpdatedAts AutomationRuleCriteriaNoteUpdatedAt[]
    The timestamp of when the note was updated. Documented below.
    noteUpdatedBies AutomationRuleCriteriaNoteUpdatedBy[]
    The principal that created a note. Documented below.
    productArns AutomationRuleCriteriaProductArn[]
    The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Documented below.
    productNames AutomationRuleCriteriaProductName[]
    Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Documented below.
    recordStates AutomationRuleCriteriaRecordState[]
    Provides the current state of a finding. Documented below.
    relatedFindingsIds AutomationRuleCriteriaRelatedFindingsId[]
    The product-generated identifier for a related finding. Documented below.
    relatedFindingsProductArns AutomationRuleCriteriaRelatedFindingsProductArn[]
    The ARN for the product that generated a related finding. Documented below.
    resourceApplicationArns AutomationRuleCriteriaResourceApplicationArn[]
    The Amazon Resource Name (ARN) of the application that is related to a finding. Documented below.
    resourceApplicationNames AutomationRuleCriteriaResourceApplicationName[]
    The name of the application that is related to a finding. Documented below.
    resourceDetailsOthers AutomationRuleCriteriaResourceDetailsOther[]
    Custom fields and values about the resource that a finding pertains to. Documented below.
    resourceIds AutomationRuleCriteriaResourceId[]
    The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. Documented below.
    resourcePartitions AutomationRuleCriteriaResourcePartition[]
    The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions. Each AWS account is scoped to one partition. Documented below.
    resourceRegions AutomationRuleCriteriaResourceRegion[]
    The AWS Region where the resource that a finding pertains to is located. Documented below.
    resourceTags AutomationRuleCriteriaResourceTag[]
    A list of AWS tags associated with a resource at the time the finding was processed. Documented below.
    resourceTypes AutomationRuleCriteriaResourceType[]
    The type of resource that the finding pertains to. Documented below.
    severityLabels AutomationRuleCriteriaSeverityLabel[]
    The severity value of the finding. Documented below.
    sourceUrls AutomationRuleCriteriaSourceUrl[]
    Provides a URL that links to a page about the current finding in the finding product. Documented below.
    titles AutomationRuleCriteriaTitle[]
    A finding's title. Documented below.
    types AutomationRuleCriteriaType[]
    One or more finding types in the format of namespace/category/classifier that classify a finding. Documented below.
    updatedAts AutomationRuleCriteriaUpdatedAt[]
    A timestamp that indicates when the finding record was most recently updated. Documented below.
    userDefinedFields AutomationRuleCriteriaUserDefinedField[]
    A list of user-defined name and value string pairs added to a finding. Documented below.
    verificationStates AutomationRuleCriteriaVerificationState[]
    Provides the veracity of a finding. Documented below.
    workflowStatuses AutomationRuleCriteriaWorkflowStatus[]
    Provides information about the status of the investigation into a finding. Documented below.
    aws_account_ids Sequence[AutomationRuleCriteriaAwsAccountId]
    The AWS account ID in which a finding was generated. Documented below.
    aws_account_names Sequence[AutomationRuleCriteriaAwsAccountName]
    The name of the AWS account in which a finding was generated. Documented below.
    company_names Sequence[AutomationRuleCriteriaCompanyName]
    The name of the company for the product that generated the finding. For control-based findings, the company is AWS. Documented below.
    compliance_associated_standards_ids Sequence[AutomationRuleCriteriaComplianceAssociatedStandardsId]
    The unique identifier of a standard in which a control is enabled. Documented below.
    compliance_security_control_ids Sequence[AutomationRuleCriteriaComplianceSecurityControlId]
    The security control ID for which a finding was generated. Security control IDs are the same across standards. Documented below.
    compliance_statuses Sequence[AutomationRuleCriteriaComplianceStatus]
    The result of a security check. This field is only used for findings generated from controls. Documented below.
    confidences Sequence[AutomationRuleCriteriaConfidence]
    The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0–100 basis using a ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means 100 percent confidence. Documented below.
    created_ats Sequence[AutomationRuleCriteriaCreatedAt]
    A timestamp that indicates when this finding record was created. Documented below.
    criticalities Sequence[AutomationRuleCriteriaCriticality]
    The level of importance that is assigned to the resources that are associated with a finding. Documented below.
    descriptions Sequence[AutomationRuleCriteriaDescription]
    A finding's description. Documented below.
    first_observed_ats Sequence[AutomationRuleCriteriaFirstObservedAt]
    A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. Documented below.
    generator_ids Sequence[AutomationRuleCriteriaGeneratorId]
    The identifier for the solution-specific component that generated a finding. Documented below.
    ids Sequence[AutomationRuleCriteriaId]
    The product-specific identifier for a finding. Documented below.
    last_observed_ats Sequence[AutomationRuleCriteriaLastObservedAt]
    A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product. Documented below.
    note_texts Sequence[AutomationRuleCriteriaNoteText]
    The text of a user-defined note that's added to a finding. Documented below.
    note_updated_ats Sequence[AutomationRuleCriteriaNoteUpdatedAt]
    The timestamp of when the note was updated. Documented below.
    note_updated_bies Sequence[AutomationRuleCriteriaNoteUpdatedBy]
    The principal that created a note. Documented below.
    product_arns Sequence[AutomationRuleCriteriaProductArn]
    The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Documented below.
    product_names Sequence[AutomationRuleCriteriaProductName]
    Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Documented below.
    record_states Sequence[AutomationRuleCriteriaRecordState]
    Provides the current state of a finding. Documented below.
    related_findings_ids Sequence[AutomationRuleCriteriaRelatedFindingsId]
    The product-generated identifier for a related finding. Documented below.
    related_findings_product_arns Sequence[AutomationRuleCriteriaRelatedFindingsProductArn]
    The ARN for the product that generated a related finding. Documented below.
    resource_application_arns Sequence[AutomationRuleCriteriaResourceApplicationArn]
    The Amazon Resource Name (ARN) of the application that is related to a finding. Documented below.
    resource_application_names Sequence[AutomationRuleCriteriaResourceApplicationName]
    The name of the application that is related to a finding. Documented below.
    resource_details_others Sequence[AutomationRuleCriteriaResourceDetailsOther]
    Custom fields and values about the resource that a finding pertains to. Documented below.
    resource_ids Sequence[AutomationRuleCriteriaResourceId]
    The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. Documented below.
    resource_partitions Sequence[AutomationRuleCriteriaResourcePartition]
    The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions. Each AWS account is scoped to one partition. Documented below.
    resource_regions Sequence[AutomationRuleCriteriaResourceRegion]
    The AWS Region where the resource that a finding pertains to is located. Documented below.
    resource_tags Sequence[AutomationRuleCriteriaResourceTag]
    A list of AWS tags associated with a resource at the time the finding was processed. Documented below.
    resource_types Sequence[AutomationRuleCriteriaResourceType]
    The type of resource that the finding pertains to. Documented below.
    severity_labels Sequence[AutomationRuleCriteriaSeverityLabel]
    The severity value of the finding. Documented below.
    source_urls Sequence[AutomationRuleCriteriaSourceUrl]
    Provides a URL that links to a page about the current finding in the finding product. Documented below.
    titles Sequence[AutomationRuleCriteriaTitle]
    A finding's title. Documented below.
    types Sequence[AutomationRuleCriteriaType]
    One or more finding types in the format of namespace/category/classifier that classify a finding. Documented below.
    updated_ats Sequence[AutomationRuleCriteriaUpdatedAt]
    A timestamp that indicates when the finding record was most recently updated. Documented below.
    user_defined_fields Sequence[AutomationRuleCriteriaUserDefinedField]
    A list of user-defined name and value string pairs added to a finding. Documented below.
    verification_states Sequence[AutomationRuleCriteriaVerificationState]
    Provides the veracity of a finding. Documented below.
    workflow_statuses Sequence[AutomationRuleCriteriaWorkflowStatus]
    Provides information about the status of the investigation into a finding. Documented below.
    awsAccountIds List<Property Map>
    The AWS account ID in which a finding was generated. Documented below.
    awsAccountNames List<Property Map>
    The name of the AWS account in which a finding was generated. Documented below.
    companyNames List<Property Map>
    The name of the company for the product that generated the finding. For control-based findings, the company is AWS. Documented below.
    complianceAssociatedStandardsIds List<Property Map>
    The unique identifier of a standard in which a control is enabled. Documented below.
    complianceSecurityControlIds List<Property Map>
    The security control ID for which a finding was generated. Security control IDs are the same across standards. Documented below.
    complianceStatuses List<Property Map>
    The result of a security check. This field is only used for findings generated from controls. Documented below.
    confidences List<Property Map>
    The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0–100 basis using a ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means 100 percent confidence. Documented below.
    createdAts List<Property Map>
    A timestamp that indicates when this finding record was created. Documented below.
    criticalities List<Property Map>
    The level of importance that is assigned to the resources that are associated with a finding. Documented below.
    descriptions List<Property Map>
    A finding's description. Documented below.
    firstObservedAts List<Property Map>
    A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. Documented below.
    generatorIds List<Property Map>
    The identifier for the solution-specific component that generated a finding. Documented below.
    ids List<Property Map>
    The product-specific identifier for a finding. Documented below.
    lastObservedAts List<Property Map>
    A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product. Documented below.
    noteTexts List<Property Map>
    The text of a user-defined note that's added to a finding. Documented below.
    noteUpdatedAts List<Property Map>
    The timestamp of when the note was updated. Documented below.
    noteUpdatedBies List<Property Map>
    The principal that created a note. Documented below.
    productArns List<Property Map>
    The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Documented below.
    productNames List<Property Map>
    Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Documented below.
    recordStates List<Property Map>
    Provides the current state of a finding. Documented below.
    relatedFindingsIds List<Property Map>
    The product-generated identifier for a related finding. Documented below.
    relatedFindingsProductArns List<Property Map>
    The ARN for the product that generated a related finding. Documented below.
    resourceApplicationArns List<Property Map>
    The Amazon Resource Name (ARN) of the application that is related to a finding. Documented below.
    resourceApplicationNames List<Property Map>
    The name of the application that is related to a finding. Documented below.
    resourceDetailsOthers List<Property Map>
    Custom fields and values about the resource that a finding pertains to. Documented below.
    resourceIds List<Property Map>
    The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. Documented below.
    resourcePartitions List<Property Map>
    The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions. Each AWS account is scoped to one partition. Documented below.
    resourceRegions List<Property Map>
    The AWS Region where the resource that a finding pertains to is located. Documented below.
    resourceTags List<Property Map>
    A list of AWS tags associated with a resource at the time the finding was processed. Documented below.
    resourceTypes List<Property Map>
    The type of resource that the finding pertains to. Documented below.
    severityLabels List<Property Map>
    The severity value of the finding. Documented below.
    sourceUrls List<Property Map>
    Provides a URL that links to a page about the current finding in the finding product. Documented below.
    titles List<Property Map>
    A finding's title. Documented below.
    types List<Property Map>
    One or more finding types in the format of namespace/category/classifier that classify a finding. Documented below.
    updatedAts List<Property Map>
    A timestamp that indicates when the finding record was most recently updated. Documented below.
    userDefinedFields List<Property Map>
    A list of user-defined name and value string pairs added to a finding. Documented below.
    verificationStates List<Property Map>
    Provides the veracity of a finding. Documented below.
    workflowStatuses List<Property Map>
    Provides information about the status of the investigation into a finding. Documented below.

    AutomationRuleCriteriaAwsAccountId, AutomationRuleCriteriaAwsAccountIdArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaAwsAccountName, AutomationRuleCriteriaAwsAccountNameArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaCompanyName, AutomationRuleCriteriaCompanyNameArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaComplianceAssociatedStandardsId, AutomationRuleCriteriaComplianceAssociatedStandardsIdArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaComplianceSecurityControlId, AutomationRuleCriteriaComplianceSecurityControlIdArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaComplianceStatus, AutomationRuleCriteriaComplianceStatusArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaConfidence, AutomationRuleCriteriaConfidenceArgs

    Eq double
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    Gt double
    Gte double
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    Lt double
    Lte double
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    Eq float64
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    Gt float64
    Gte float64
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    Lt float64
    Lte float64
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    eq Double
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    gt Double
    gte Double
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    lt Double
    lte Double
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    eq number
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    gt number
    gte number
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    lt number
    lte number
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    eq float
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    gt float
    gte float
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    lt float
    lte float
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    eq Number
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    gt Number
    gte Number
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    lt Number
    lte Number
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.

    AutomationRuleCriteriaCreatedAt, AutomationRuleCriteriaCreatedAtArgs

    DateRange AutomationRuleCriteriaCreatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    DateRange AutomationRuleCriteriaCreatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaCreatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaCreatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end string
    An end date for the date filter. Required with start if date_range is not specified.
    start string
    A start date for the date filter. Required with end if date_range is not specified.
    date_range AutomationRuleCriteriaCreatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end str
    An end date for the date filter. Required with start if date_range is not specified.
    start str
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange Property Map
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.

    AutomationRuleCriteriaCreatedAtDateRange, AutomationRuleCriteriaCreatedAtDateRangeArgs

    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Integer
    A date range value for the date filter, provided as an Integer.
    unit string
    A date range unit for the date filter. Valid values: DAYS.
    value number
    A date range value for the date filter, provided as an Integer.
    unit str
    A date range unit for the date filter. Valid values: DAYS.
    value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Number
    A date range value for the date filter, provided as an Integer.

    AutomationRuleCriteriaCriticality, AutomationRuleCriteriaCriticalityArgs

    Eq double
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    Gt double
    Gte double
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    Lt double
    Lte double
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    Eq float64
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    Gt float64
    Gte float64
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    Lt float64
    Lte float64
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    eq Double
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    gt Double
    gte Double
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    lt Double
    lte Double
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    eq number
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    gt number
    gte number
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    lt number
    lte number
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    eq float
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    gt float
    gte float
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    lt float
    lte float
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    eq Number
    The equal-to condition to be applied to a single field when querying for findings, provided as a String.
    gt Number
    gte Number
    The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
    lt Number
    lte Number
    The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.

    AutomationRuleCriteriaDescription, AutomationRuleCriteriaDescriptionArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaFirstObservedAt, AutomationRuleCriteriaFirstObservedAtArgs

    DateRange AutomationRuleCriteriaFirstObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    DateRange AutomationRuleCriteriaFirstObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaFirstObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaFirstObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end string
    An end date for the date filter. Required with start if date_range is not specified.
    start string
    A start date for the date filter. Required with end if date_range is not specified.
    date_range AutomationRuleCriteriaFirstObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end str
    An end date for the date filter. Required with start if date_range is not specified.
    start str
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange Property Map
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.

    AutomationRuleCriteriaFirstObservedAtDateRange, AutomationRuleCriteriaFirstObservedAtDateRangeArgs

    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Integer
    A date range value for the date filter, provided as an Integer.
    unit string
    A date range unit for the date filter. Valid values: DAYS.
    value number
    A date range value for the date filter, provided as an Integer.
    unit str
    A date range unit for the date filter. Valid values: DAYS.
    value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Number
    A date range value for the date filter, provided as an Integer.

    AutomationRuleCriteriaGeneratorId, AutomationRuleCriteriaGeneratorIdArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaId, AutomationRuleCriteriaIdArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaLastObservedAt, AutomationRuleCriteriaLastObservedAtArgs

    DateRange AutomationRuleCriteriaLastObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    DateRange AutomationRuleCriteriaLastObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaLastObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaLastObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end string
    An end date for the date filter. Required with start if date_range is not specified.
    start string
    A start date for the date filter. Required with end if date_range is not specified.
    date_range AutomationRuleCriteriaLastObservedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end str
    An end date for the date filter. Required with start if date_range is not specified.
    start str
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange Property Map
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.

    AutomationRuleCriteriaLastObservedAtDateRange, AutomationRuleCriteriaLastObservedAtDateRangeArgs

    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Integer
    A date range value for the date filter, provided as an Integer.
    unit string
    A date range unit for the date filter. Valid values: DAYS.
    value number
    A date range value for the date filter, provided as an Integer.
    unit str
    A date range unit for the date filter. Valid values: DAYS.
    value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Number
    A date range value for the date filter, provided as an Integer.

    AutomationRuleCriteriaNoteText, AutomationRuleCriteriaNoteTextArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaNoteUpdatedAt, AutomationRuleCriteriaNoteUpdatedAtArgs

    DateRange AutomationRuleCriteriaNoteUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    DateRange AutomationRuleCriteriaNoteUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaNoteUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaNoteUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end string
    An end date for the date filter. Required with start if date_range is not specified.
    start string
    A start date for the date filter. Required with end if date_range is not specified.
    date_range AutomationRuleCriteriaNoteUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end str
    An end date for the date filter. Required with start if date_range is not specified.
    start str
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange Property Map
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.

    AutomationRuleCriteriaNoteUpdatedAtDateRange, AutomationRuleCriteriaNoteUpdatedAtDateRangeArgs

    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Integer
    A date range value for the date filter, provided as an Integer.
    unit string
    A date range unit for the date filter. Valid values: DAYS.
    value number
    A date range value for the date filter, provided as an Integer.
    unit str
    A date range unit for the date filter. Valid values: DAYS.
    value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Number
    A date range value for the date filter, provided as an Integer.

    AutomationRuleCriteriaNoteUpdatedBy, AutomationRuleCriteriaNoteUpdatedByArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaProductArn, AutomationRuleCriteriaProductArnArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaProductName, AutomationRuleCriteriaProductNameArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaRecordState, AutomationRuleCriteriaRecordStateArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaRelatedFindingsId, AutomationRuleCriteriaRelatedFindingsIdArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaRelatedFindingsProductArn, AutomationRuleCriteriaRelatedFindingsProductArnArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaResourceApplicationArn, AutomationRuleCriteriaResourceApplicationArnArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaResourceApplicationName, AutomationRuleCriteriaResourceApplicationNameArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaResourceDetailsOther, AutomationRuleCriteriaResourceDetailsOtherArgs

    Comparison string
    Key string
    The key of the map filter.
    Value string
    Comparison string
    Key string
    The key of the map filter.
    Value string
    comparison String
    key String
    The key of the map filter.
    value String
    comparison string
    key string
    The key of the map filter.
    value string
    comparison str
    key str
    The key of the map filter.
    value str
    comparison String
    key String
    The key of the map filter.
    value String

    AutomationRuleCriteriaResourceId, AutomationRuleCriteriaResourceIdArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaResourcePartition, AutomationRuleCriteriaResourcePartitionArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaResourceRegion, AutomationRuleCriteriaResourceRegionArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaResourceTag, AutomationRuleCriteriaResourceTagArgs

    Comparison string
    Key string
    The key of the map filter.
    Value string
    Comparison string
    Key string
    The key of the map filter.
    Value string
    comparison String
    key String
    The key of the map filter.
    value String
    comparison string
    key string
    The key of the map filter.
    value string
    comparison str
    key str
    The key of the map filter.
    value str
    comparison String
    key String
    The key of the map filter.
    value String

    AutomationRuleCriteriaResourceType, AutomationRuleCriteriaResourceTypeArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaSeverityLabel, AutomationRuleCriteriaSeverityLabelArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaSourceUrl, AutomationRuleCriteriaSourceUrlArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaTitle, AutomationRuleCriteriaTitleArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaType, AutomationRuleCriteriaTypeArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaUpdatedAt, AutomationRuleCriteriaUpdatedAtArgs

    DateRange AutomationRuleCriteriaUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    DateRange AutomationRuleCriteriaUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    End string
    An end date for the date filter. Required with start if date_range is not specified.
    Start string
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange AutomationRuleCriteriaUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end string
    An end date for the date filter. Required with start if date_range is not specified.
    start string
    A start date for the date filter. Required with end if date_range is not specified.
    date_range AutomationRuleCriteriaUpdatedAtDateRange
    A configuration block of the date range for the date filter. See date_range below for more details.
    end str
    An end date for the date filter. Required with start if date_range is not specified.
    start str
    A start date for the date filter. Required with end if date_range is not specified.
    dateRange Property Map
    A configuration block of the date range for the date filter. See date_range below for more details.
    end String
    An end date for the date filter. Required with start if date_range is not specified.
    start String
    A start date for the date filter. Required with end if date_range is not specified.

    AutomationRuleCriteriaUpdatedAtDateRange, AutomationRuleCriteriaUpdatedAtDateRangeArgs

    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    Unit string
    A date range unit for the date filter. Valid values: DAYS.
    Value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Integer
    A date range value for the date filter, provided as an Integer.
    unit string
    A date range unit for the date filter. Valid values: DAYS.
    value number
    A date range value for the date filter, provided as an Integer.
    unit str
    A date range unit for the date filter. Valid values: DAYS.
    value int
    A date range value for the date filter, provided as an Integer.
    unit String
    A date range unit for the date filter. Valid values: DAYS.
    value Number
    A date range value for the date filter, provided as an Integer.

    AutomationRuleCriteriaUserDefinedField, AutomationRuleCriteriaUserDefinedFieldArgs

    Comparison string
    Key string
    The key of the map filter.
    Value string
    Comparison string
    Key string
    The key of the map filter.
    Value string
    comparison String
    key String
    The key of the map filter.
    value String
    comparison string
    key string
    The key of the map filter.
    value string
    comparison str
    key str
    The key of the map filter.
    value str
    comparison String
    key String
    The key of the map filter.
    value String

    AutomationRuleCriteriaVerificationState, AutomationRuleCriteriaVerificationStateArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    AutomationRuleCriteriaWorkflowStatus, AutomationRuleCriteriaWorkflowStatusArgs

    Comparison string
    Value string
    Comparison string
    Value string
    comparison String
    value String
    comparison string
    value string
    comparison String
    value String

    Import

    Using pulumi import, import Security Hub automation rule using their ARN. For example:

    $ pulumi import aws:securityhub/automationRule:AutomationRule example arn:aws:securityhub:us-west-2:123456789012:automation-rule/473eddde-f5c4-4ae5-85c7-e922f271fffc
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi