AWS::SecurityHub::Hub
The AWS::SecurityHub::Hub
resource represents the implementation of the AWS Security Hub service in your account. One hub resource is created for each Region in which you enable Security Hub.
The CIS AWS Foundations Benchmark standard and the Foundational Security Best Practices standard are also enabled in each Region where you enable Security Hub.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::SecurityHub::Hub", "Properties" : { "Tags" :
Json
} }
YAML
Type: AWS::SecurityHub::Hub Properties: Tags:
Json
Properties
Tags
-
The tags to add to the hub resource.
Required: No
Type: Json
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the HubArn
for the hub resource created, such as arn:aws:securityhub:us-east-1:12345678910:hub/default
.
For more information about using the Ref
function, see Ref.
Examples
Declare a Hub Resource
The following example shows how to declare a Security Hub Hub
resource:
JSON
{ "Description": "Example Hub with Tags", "Resources": { "ExampleHubWithTags": { "Type": "AWS::SecurityHub::Hub", "Properties": { "Tags": { "key1": "value1", "key2": "value2" } } } }, "Outputs": { "HubArn": { "Value": { "Ref": "ExampleHubWithTags" } } } }
YAML
Description: Example Hub with Tags Resources: ExampleHubWithTags: Type: 'AWS::SecurityHub::Hub' Properties: Tags: key1: value1 key2: value2 Outputs: HubArn: Value: !Ref ExampleHubWithTags