interface StringFilterProperty
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.SecurityHub.CfnAutomationRule.StringFilterProperty |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awssecurityhub#CfnAutomationRule_StringFilterProperty |
![]() | software.amazon.awscdk.services.securityhub.CfnAutomationRule.StringFilterProperty |
![]() | aws_cdk.aws_securityhub.CfnAutomationRule.StringFilterProperty |
![]() | aws-cdk-lib » aws_securityhub » CfnAutomationRule » StringFilterProperty |
A string filter for querying findings.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_securityhub as securityhub } from 'aws-cdk-lib';
const stringFilterProperty: securityhub.CfnAutomationRule.StringFilterProperty = {
comparison: 'comparison',
value: 'value',
};
Properties
Name | Type | Description |
---|---|---|
comparison | string | The condition to apply to a string value when querying for findings. |
value | string | The string filter value. |
comparison
Type:
string
The condition to apply to a string value when querying for findings.
To search for values that contain the filter criteria value, use one of the following comparison operators:
- To search for values that exactly match the filter value, use
EQUALS
.
For example, the filter ResourceType EQUALS AwsEc2SecurityGroup
only matches findings that have a resource type of AwsEc2SecurityGroup
.
- To search for values that start with the filter value, use
PREFIX
.
For example, the filter ResourceType PREFIX AwsIam
matches findings that have a resource type that starts with AwsIam
. Findings with a resource type of AwsIamPolicy
, AwsIamRole
, or AwsIamUser
would all match.
EQUALS
and PREFIX
filters on the same field are joined by OR
. A finding matches if it matches any one of those filters.
To search for values that do not contain the filter criteria value, use one of the following comparison operators:
- To search for values that do not exactly match the filter value, use
NOT_EQUALS
.
For example, the filter ResourceType NOT_EQUALS AwsIamPolicy
matches findings that have a resource type other than AwsIamPolicy
.
- To search for values that do not start with the filter value, use
PREFIX_NOT_EQUALS
.
For example, the filter ResourceType PREFIX_NOT_EQUALS AwsIam
matches findings that have a resource type that does not start with AwsIam
. Findings with a resource type of AwsIamPolicy
, AwsIamRole
, or AwsIamUser
would all be excluded from the results.
NOT_EQUALS
and PREFIX_NOT_EQUALS
filters on the same field are joined by AND
. A finding matches only if it matches all of those filters.
For filters on the same field, you cannot provide both an EQUALS
filter and a NOT_EQUALS
or PREFIX_NOT_EQUALS
filter. Combining filters in this way always returns an error, even if the provided filter values would return valid results.
You can combine PREFIX
filters with NOT_EQUALS
or PREFIX_NOT_EQUALS
filters for the same field. Security Hub first processes the PREFIX
filters, then the NOT_EQUALS
or PREFIX_NOT_EQUALS
filters.
For example, for the following filter, Security Hub first identifies findings that have resource types that start with either AwsIAM
or AwsEc2
. It then excludes findings that have a resource type of AwsIamPolicy
and findings that have a resource type of AwsEc2NetworkInterface
.
ResourceType PREFIX AwsIam
ResourceType PREFIX AwsEc2
ResourceType NOT_EQUALS AwsIamPolicy
ResourceType NOT_EQUALS AwsEc2NetworkInterface
value
Type:
string
The string filter value.
Filter values are case sensitive. For example, the product name for control-based findings is Security Hub
. If you provide security hub
as the filter text, then there is no match.