AWS::SecurityHub::AutomationRule

SecurityHub AutomationRule

The AWS::SecurityHub::AutomationRule resource specifies an automation rule based on input parameters. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *User Guide*.

Properties

8 configurable properties. 5 required. Click a row to see details.

Filter:

Property	Type	Flags
`Actions`	`Array<AutomationRulesAction>`	Required
`Criteria`	`AutomationRulesFindingFilters`	Required
`Description`	`string`	Required
`RuleName`	`string`	Required
`RuleOrder`	`integer`	Required
`IsTerminal`	`boolean`
`RuleStatus`	`string`
`Tags`	`Tags`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`CreatedAt`	`string`	-
`CreatedBy`	`string`	-
`RuleArn`	`string`	-
`UpdatedAt`	`string`	-

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::SecurityHub::AutomationRule

Resources:
  MyResource:
    Type: AWS::SecurityHub::AutomationRule
    Properties:
      RuleOrder: 1
      RuleName: "my-rulename"
      Description: "value"
      Criteria: "value"
      Actions: []
      Tags:
        - Key: Environment
          Value: Production

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

securityhub:CreateAutomationRulesecurityhub:TagResourcesecurityhub:ListTagsForResource

read

securityhub:ListAutomationRulessecurityhub:BatchGetAutomationRulessecurityhub:ListTagsForResource

update

securityhub:BatchUpdateAutomationRulessecurityhub:TagResourcesecurityhub:UntagResourcesecurityhub:ListTagsForResource

delete

securityhub:BatchDeleteAutomationRulessecurityhub:BatchGetAutomationRules

list

securityhub:ListAutomationRulessecurityhub:ListTagsForResource

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

ServiceSecurityHub

Properties12

Required5

TaggingSupported

Primary IDRuleArn

Supported Operations

CreateReadUpdateDeleteList

Related Resources

External Links

AWS Documentation