L1 Construct: `AWS::SecurityHub::AutomationRule`

CfnAutomationRule

The `AWS::SecurityHub::AutomationRule` resource specifies an automation rule based on input parameters. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub CSPM User Guide*.

Import

```typescript
import { CfnAutomationRule } from 'aws-cdk-lib/aws-securityhub';
```

Or use the module namespace:

```typescript
import * as securityhub from 'aws-cdk-lib/aws-securityhub';
// securityhub.CfnAutomationRule
```

Properties

Configuration passed to the constructor as `CfnAutomationRuleProps`.

actions (Required)
`IResolvable | (IResolvable | AutomationRulesActionProperty)[]`

One or more actions to update finding fields if a finding matches the conditions specified in `Criteria`.

criteria (Required)
`IResolvable | AutomationRulesFindingFiltersProperty`

A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub CSPM uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub CSPM applies the rule action to the finding.

description (Required)
`string`

A description of the rule.

ruleName (Required)
`string`

The name of the rule.

ruleOrder (Required)
`number`

An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub CSPM applies rules with lower values for this parameter first.

isTerminal (Optional)
`boolean | IResolvable`

Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub CSPM applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.

ruleStatus (Optional)
`string`

Whether the rule is active after it is created. If this parameter is equal to `ENABLED`, Security Hub CSPM applies the rule to findings and finding updates after the rule is created.

tags (Optional)
`{ [key: string]: string }`

User-defined tags associated with an automation rule.
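
The `ruleOrder`, `isTerminal` and `ruleStatus` semantics described above interact: an earlier terminal rule can prevent a later rule from ever applying. The following is an added example, not code from aws-cdk-lib or this page, that models those semantics locally and lints a rule set before deployment. `RuleModel`, `appliedRules`, `lintRules` and the sample rules are hypothetical, and criteria are simplified to exact-match field/value pairs with `ruleStatus` made explicit.

```typescript
type Fields = Record<string, string>; // assumption: field -> exact expected value
interface RuleModel {                 // added local model, not the aws-cdk-lib props type
  ruleName: string;
  ruleOrder: number;                  // 1..1000, lower values are applied first
  isTerminal?: boolean;               // omitted means not terminal
  ruleStatus: 'ENABLED' | 'DISABLED'; // made explicit in this model
  criteria: Fields;
}

// True when every criteria field equals the same field in `target`.
const matches = (criteria: Fields, target: Fields): boolean =>
  Object.keys(criteria).every((k) => target[k] === criteria[k]);
// Enabled rules in ascending ruleOrder (filter copies, so the input is not mutated).
const active = (rules: RuleModel[]): RuleModel[] =>
  rules.filter((r) => r.ruleStatus === 'ENABLED').sort((a, b) => a.ruleOrder - b.ruleOrder);

// Names of the rules whose actions would be applied to one finding.
function appliedRules(rules: RuleModel[], finding: Fields): string[] {
  const applied: string[] = [];
  for (const r of active(rules)) {
    if (!matches(r.criteria, finding)) continue;
    applied.push(r.ruleName);
    if (r.isTerminal) break; // terminal: later rules are not evaluated
  }
  return applied;
}
// Lint before deployment: out-of-range orders and rules that can never apply.
function lintRules(rules: RuleModel[]): string[] {
  const issues: string[] = [];
  for (const r of rules) {
    const ok = Number.isInteger(r.ruleOrder) && r.ruleOrder >= 1 && r.ruleOrder <= 1000;
    if (!ok) issues.push(`${r.ruleName}: ruleOrder ${r.ruleOrder} is outside 1..1000`);
  }
  const ordered = active(rules);
  ordered.forEach((later, i) => {
    for (const earlier of ordered.slice(0, i)) {
      const covers = matches(earlier.criteria, later.criteria); // subset criteria match a superset of findings
      if (earlier.isTerminal && earlier.ruleOrder < later.ruleOrder && covers) {
        issues.push(`${later.ruleName}: shadowed by terminal rule ${earlier.ruleName}`);
      }
    }
  });
  return issues;
}
// Constructed sample rule set (names and criteria are illustrative).
const sampleRules: RuleModel[] = [
  { ruleName: 'suppress-informational', ruleOrder: 10, isTerminal: true, ruleStatus: 'ENABLED', criteria: { SeverityLabel: 'INFORMATIONAL' } },
  { ruleName: 'escalate-guardduty', ruleOrder: 20, ruleStatus: 'ENABLED', criteria: { ProductName: 'GuardDuty' } },
  { ruleName: 'note-informational-guardduty', ruleOrder: 30, ruleStatus: 'ENABLED', criteria: { SeverityLabel: 'INFORMATIONAL', ProductName: 'GuardDuty' } },
];
```

In the sample set, `lintRules(sampleRules)` reports the third rule as shadowed: every finding it matches is first matched by the terminal rule at order 10, so its actions are never applied.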

CloudFormation Resource

This L1 construct maps directly to the CloudFormation resource type `AWS::SecurityHub::AutomationRule`.
