AWS Fundamentals Logo
AWS Fundamentals
L1 ConstructAWS::SecurityHub::ConfigurationPolicy

CfnConfigurationPolicy

The `AWS::SecurityHub::ConfigurationPolicy` resource creates a central configuration policy with the defined settings. Only the AWS Security Hub CSPM delegated administrator can create this resource in the home Region. For more information, see [Central configuration in Security Hub CSPM](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in the *AWS Security Hub CSPM User Guide* .

Import

import { CfnConfigurationPolicy } from 'aws-cdk-lib/aws-securityhub';

Or use the module namespace:

import * as securityhub from 'aws-cdk-lib/aws-securityhub';
// securityhub.CfnConfigurationPolicy

Properties

Configuration passed to the constructor as CfnConfigurationPolicyProps.

configurationPolicyRequired
IResolvable | PolicyProperty

An object that defines how AWS Security Hub CSPM is configured. It includes whether Security Hub CSPM is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub CSPM disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub CSPM enables all other controls (including newly released controls).

nameRequired
string

The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted: `-, ., !, *, /` .

descriptionOptional
string

The description of the configuration policy.

tagsOptional
{ [key: string]: string }

User-defined tags associated with a configuration policy. For more information, see [Tagging AWS Security Hub CSPM resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the *Security Hub CSPM user guide* .

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.

AWS::SecurityHub::ConfigurationPolicyView in CloudFormation Explorer

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

LevelL1 (CloudFormation)
Moduleaws-securityhub
CFN TypeAWS::SecurityHub::ConfigurationPolicy
Properties4

Related Constructs

Explore This Service

External Links