L1 ConstructAWS::SecurityHub::PolicyAssociation

CfnPolicyAssociation

The `AWS::SecurityHub::PolicyAssociation` resource specifies associations for a configuration policy or a self-managed configuration. You can associate a AWS Security Hub CSPM configuration policy or self-managed configuration with the organization root, organizational units (OUs), or AWS accounts . After a successful association, the configuration policy takes effect in the specified targets. For more information, see [Creating and associating Security Hub CSPM configuration policies](https://docs.aws.amazon.com/securityhub/latest/userguide/create-associate-policy.html) in the *AWS Security Hub CSPM User Guide* .

Import

import { CfnPolicyAssociation } from 'aws-cdk-lib/aws-securityhub';

Or use the module namespace:

import * as securityhub from 'aws-cdk-lib/aws-securityhub';
// securityhub.CfnPolicyAssociation

Properties

Configuration passed to the constructor as CfnPolicyAssociationProps.

configurationPolicyIdRequired

string

The universally unique identifier (UUID) of the configuration policy. A self-managed configuration has no UUID. The identifier of a self-managed configuration is `SELF_MANAGED_SECURITY_HUB` .

targetIdRequired

string

The identifier of the target account, organizational unit, or the root.

targetTypeRequired

string

Specifies whether the target is an AWS account , organizational unit, or the root.

CloudFormation Resource

This L1 construct maps directly to the following CloudFormation resource type.

AWS::SecurityHub::PolicyAssociationView in CloudFormation Explorer

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

LevelL1 (CloudFormation)

Moduleaws-securityhub

CFN TypeAWS::SecurityHub::PolicyAssociation

Properties3

Related Constructs

Explore This Service

External Links

CDK API Documentation