Class SecurityControl
- All Implemented Interfaces:
Serializable
,SdkPojo
,ToCopyableBuilder<SecurityControl.Builder,
SecurityControl>
A security control in Security Hub describes a security best practice related to a specific resource.
- See Also:
-
Nested Class Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic SecurityControl.Builder
builder()
final String
The description of a security control across standards.final boolean
final boolean
equalsBySdkFields
(Object obj) Indicates whether some other object is "equal to" this one by SDK fields.final <T> Optional
<T> getValueForField
(String fieldName, Class<T> clazz) final int
hashCode()
final boolean
For responses, this returns true if the service returned a value for the Parameters property.final String
The most recent reason for updating the customizable properties of a security control.final Map
<String, ParameterConfiguration> An object that identifies the name of a control parameter, its current value, and whether it has been customized.final String
A link to Security Hub documentation that explains how to remediate a failed finding for a security control.final String
The Amazon Resource Name (ARN) for a security control across standards, such asarn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
.final String
The unique identifier of a security control across standards.final ControlStatus
The enablement status of a security control in a specific standard.final String
The enablement status of a security control in a specific standard.static Class
<? extends SecurityControl.Builder> final SeverityRating
The severity of a security control.final String
The severity of a security control.final String
title()
The title of a security control.Take this object and create a builder that contains all of the current property values of this object.final String
toString()
Returns a string representation of this object.final UpdateStatus
Identifies whether customizable properties of a security control are reflected in Security Hub findings.final String
Identifies whether customizable properties of a security control are reflected in Security Hub findings.Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder
copy
-
Method Details
-
securityControlId
The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Service name and a number, such as APIGateway.3.
- Returns:
- The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Service name and a number, such as APIGateway.3.
-
securityControlArn
The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.- Returns:
- The Amazon Resource Name (ARN) for a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.
-
title
The title of a security control.
- Returns:
- The title of a security control.
-
description
The description of a security control across standards. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter doesn't reference a specific standard.
- Returns:
- The description of a security control across standards. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter doesn't reference a specific standard.
-
remediationUrl
A link to Security Hub documentation that explains how to remediate a failed finding for a security control.
- Returns:
- A link to Security Hub documentation that explains how to remediate a failed finding for a security control.
-
severityRating
The severity of a security control. For more information about how Security Hub determines control severity, see Assigning severity to control findings in the Security Hub User Guide.
If the service returns an enum value that is not available in the current SDK version,
severityRating
will returnSeverityRating.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available fromseverityRatingAsString()
.- Returns:
- The severity of a security control. For more information about how Security Hub determines control severity, see Assigning severity to control findings in the Security Hub User Guide.
- See Also:
-
severityRatingAsString
The severity of a security control. For more information about how Security Hub determines control severity, see Assigning severity to control findings in the Security Hub User Guide.
If the service returns an enum value that is not available in the current SDK version,
severityRating
will returnSeverityRating.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available fromseverityRatingAsString()
.- Returns:
- The severity of a security control. For more information about how Security Hub determines control severity, see Assigning severity to control findings in the Security Hub User Guide.
- See Also:
-
securityControlStatus
The enablement status of a security control in a specific standard.
If the service returns an enum value that is not available in the current SDK version,
securityControlStatus
will returnControlStatus.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available fromsecurityControlStatusAsString()
.- Returns:
- The enablement status of a security control in a specific standard.
- See Also:
-
securityControlStatusAsString
The enablement status of a security control in a specific standard.
If the service returns an enum value that is not available in the current SDK version,
securityControlStatus
will returnControlStatus.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available fromsecurityControlStatusAsString()
.- Returns:
- The enablement status of a security control in a specific standard.
- See Also:
-
updateStatus
Identifies whether customizable properties of a security control are reflected in Security Hub findings. A status of
READY
indicates findings include the current parameter values. A status ofUPDATING
indicates that all findings may not include the current parameter values.If the service returns an enum value that is not available in the current SDK version,
updateStatus
will returnUpdateStatus.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available fromupdateStatusAsString()
.- Returns:
- Identifies whether customizable properties of a security control are reflected in Security Hub findings.
A status of
READY
indicates findings include the current parameter values. A status ofUPDATING
indicates that all findings may not include the current parameter values. - See Also:
-
updateStatusAsString
Identifies whether customizable properties of a security control are reflected in Security Hub findings. A status of
READY
indicates findings include the current parameter values. A status ofUPDATING
indicates that all findings may not include the current parameter values.If the service returns an enum value that is not available in the current SDK version,
updateStatus
will returnUpdateStatus.UNKNOWN_TO_SDK_VERSION
. The raw value returned by the service is available fromupdateStatusAsString()
.- Returns:
- Identifies whether customizable properties of a security control are reflected in Security Hub findings.
A status of
READY
indicates findings include the current parameter values. A status ofUPDATING
indicates that all findings may not include the current parameter values. - See Also:
-
hasParameters
public final boolean hasParameters()For responses, this returns true if the service returned a value for the Parameters property. This DOES NOT check that the value is non-empty (for which, you should check theisEmpty()
method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified. -
parameters
An object that identifies the name of a control parameter, its current value, and whether it has been customized.
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the
hasParameters()
method.- Returns:
- An object that identifies the name of a control parameter, its current value, and whether it has been customized.
-
lastUpdateReason
The most recent reason for updating the customizable properties of a security control. This differs from the
UpdateReason
field of theBatchUpdateStandardsControlAssociations
API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.- Returns:
- The most recent reason for updating the customizable properties of a security control. This differs from
the
UpdateReason
field of theBatchUpdateStandardsControlAssociations
API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.
-
toBuilder
Description copied from interface:ToCopyableBuilder
Take this object and create a builder that contains all of the current property values of this object.- Specified by:
toBuilder
in interfaceToCopyableBuilder<SecurityControl.Builder,
SecurityControl> - Returns:
- a builder for type T
-
builder
-
serializableBuilderClass
-
hashCode
public final int hashCode() -
equals
-
equalsBySdkFields
Description copied from interface:SdkPojo
Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in anSdkPojo
class, and is generated based on a service model.If an
SdkPojo
class does not have any inherited fields,equalsBySdkFields
andequals
are essentially the same.- Specified by:
equalsBySdkFields
in interfaceSdkPojo
- Parameters:
obj
- the object to be compared with- Returns:
- true if the other object equals to this object by sdk fields, false otherwise.
-
toString
Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value. -
getValueForField
-
sdkFields
-