AWS::SecurityHub::ConfigurationPolicy SecurityControlsConfiguration

An object that defines which security controls are enabled in an Amazon Security Hub configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON


{
  "DisabledSecurityControlIdentifiers" : [ String, ... ],
  "EnabledSecurityControlIdentifiers" : [ String, ... ],
  "SecurityControlCustomParameters" : [ SecurityControlCustomParameter, ... ]
}

YAML


  DisabledSecurityControlIdentifiers: 
    - String
  EnabledSecurityControlIdentifiers: 
    - String
  SecurityControlCustomParameters: 
    - SecurityControlCustomParameter

Properties

DisabledSecurityControlIdentifiers

A list of security controls that are disabled in the configuration policy. Security Hub enables all other controls (including newly released controls) other than the listed controls.

Required: No

Type: Array of String

Maximum: 2048 | 1000

Update requires: No interruption

EnabledSecurityControlIdentifiers

A list of security controls that are enabled in the configuration policy. Security Hub disables all other controls (including newly released controls) other than the listed controls.

Required: No

Type: Array of String

Maximum: 2048 | 1000

Update requires: No interruption

SecurityControlCustomParameters

A list of security controls and control parameter values that are included in a configuration policy.

Required: No

Type: Array of SecurityControlCustomParameter

Maximum: 1000

Update requires: No interruption

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

SecurityControlCustomParameter

SecurityHubPolicy