SecurityHubPolicy - Amazon Security Hub CSPM
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

SecurityHubPolicy

An object that defines how Amazon Security Hub CSPM is configured. The configuration policy includes whether Security Hub CSPM is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub CSPM disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub CSPM enables all other controls (including newly released controls).

Contents

EnabledStandardIdentifiers

A list that defines which security standards are enabled in the configuration policy.

Type: Array of strings

Pattern: .*\S.*

Required: No

SecurityControlsConfiguration

An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.

Type: SecurityControlsConfiguration object

Required: No

ServiceEnabled

Indicates whether Security Hub CSPM is enabled in the policy.

Type: Boolean

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: