The AWS::SecurityHub::Insight resource represents the AWS Security Hub Insight in your account. An AWS Security Hub insight is a collection of related findings.
filters
(Attributes) One or more attributes used to filter the findings included in the insight (see below for nested schema)group_by_attribute
(String) The grouping attribute for the insight's findingsname
(String) The name of a Security Hub insightid
(String) Uniquely identifies the resource.insight_arn
(String) The ARN of a Security Hub insightfilters
Optional:
aws_account_id
(Attributes List) The AWS account ID in which a finding is generated. (see below for nested schema)aws_account_name
(Attributes List) The name of the AWS account in which a finding is generated. (see below for nested schema)company_name
(Attributes List) The name of the findings provider (company) that owns the solution (product) that generates findings. (see below for nested schema)compliance_associated_standards_id
(Attributes List) The unique identifier of a standard in which a control is enabled. (see below for nested schema)compliance_security_control_id
(Attributes List) The unique identifier of a control across standards. (see below for nested schema)compliance_security_control_parameters_name
(Attributes List) The name of a security control parameter. (see below for nested schema)compliance_security_control_parameters_value
(Attributes List) The current value of a security control parameter. (see below for nested schema)compliance_status
(Attributes List) Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard. (see below for nested schema)confidence
(Attributes List) A finding's confidence. (see below for nested schema)created_at
(Attributes List) An ISO8601-formatted timestamp that indicates when the security findings provider captured the potential security issue that a finding captured. (see below for nested schema)criticality
(Attributes List) The level of importance assigned to the resources associated with the finding. (see below for nested schema)description
(Attributes List) A finding's description. (see below for nested schema)finding_provider_fields_confidence
(Attributes List) The finding provider value for the finding confidence. (see below for nested schema)finding_provider_fields_criticality
(Attributes List) The finding provider value for the level of importance assigned to the resources associated with the findings. (see below for nested schema)finding_provider_fields_related_findings_id
(Attributes List) The finding identifier of a related finding that is identified by the finding provider. (see below for nested schema)finding_provider_fields_related_findings_product_arn
(Attributes List) The ARN of the solution that generated a related finding that is identified by the finding provider. (see below for nested schema)finding_provider_fields_severity_label
(Attributes List) The finding provider value for the severity label. (see below for nested schema)finding_provider_fields_severity_original
(Attributes List) The finding provider's original value for the severity. (see below for nested schema)finding_provider_fields_types
(Attributes List) One or more finding types that the finding provider assigned to the finding. (see below for nested schema)first_observed_at
(Attributes List) An ISO8601-formatted timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured. (see below for nested schema)generator_id
(Attributes List) The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. (see below for nested schema)id
(Attributes List) The security findings provider-specific identifier for a finding. (see below for nested schema)keyword
(Attributes List) A keyword for a finding. (see below for nested schema)last_observed_at
(Attributes List) An ISO8601-formatted timestamp that indicates when the security findings provider most recently observed the potential security issue that a finding captured. (see below for nested schema)malware_name
(Attributes List) The name of the malware that was observed. (see below for nested schema)malware_path
(Attributes List) The filesystem path of the malware that was observed. (see below for nested schema)malware_state
(Attributes List) The state of the malware that was observed. (see below for nested schema)malware_type
(Attributes List) The type of the malware that was observed. (see below for nested schema)network_destination_domain
(Attributes List) The destination domain of network-related information about a finding. (see below for nested schema)network_destination_ip_v4
(Attributes List) The destination IPv4 address of network-related information about a finding. (see below for nested schema)network_destination_ip_v6
(Attributes List) The destination IPv6 address of network-related information about a finding. (see below for nested schema)network_destination_port
(Attributes List) The destination port of network-related information about a finding. (see below for nested schema)network_direction
(Attributes List) Indicates the direction of network traffic associated with a finding. (see below for nested schema)network_protocol
(Attributes List) The protocol of network-related information about a finding. (see below for nested schema)network_source_domain
(Attributes List) The source domain of network-related information about a finding. (see below for nested schema)network_source_ip_v4
(Attributes List) The source IPv4 address of network-related information about a finding. (see below for nested schema)network_source_ip_v6
(Attributes List) The source IPv6 address of network-related information about a finding. (see below for nested schema)network_source_mac
(Attributes List) The source media access control (MAC) address of network-related information about a finding. (see below for nested schema)network_source_port
(Attributes List) The source port of network-related information about a finding. (see below for nested schema)note_text
(Attributes List) The text of a note. (see below for nested schema)note_updated_at
(Attributes List) The timestamp of when the note was updated. (see below for nested schema)note_updated_by
(Attributes List) The principal that created a note. (see below for nested schema)process_launched_at
(Attributes List) A timestamp that identifies when the process was launched. (see below for nested schema)process_name
(Attributes List) The name of the process. (see below for nested schema)process_parent_pid
(Attributes List) The parent process ID. (see below for nested schema)process_path
(Attributes List) The path to the process executable. (see below for nested schema)process_pid
(Attributes List) The process ID. (see below for nested schema)process_terminated_at
(Attributes List) A timestamp that identifies when the process was terminated. (see below for nested schema)product_arn
(Attributes List) The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. (see below for nested schema)product_fields
(Attributes List) A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format. (see below for nested schema)product_name
(Attributes List) The name of the solution (product) that generates findings. (see below for nested schema)recommendation_text
(Attributes List) The recommendation of what to do about the issue described in a finding. (see below for nested schema)record_state
(Attributes List) The updated record state for the finding. (see below for nested schema)region
(Attributes List) The Region from which the finding was generated. (see below for nested schema)related_findings_id
(Attributes List) The solution-generated identifier for a related finding. (see below for nested schema)related_findings_product_arn
(Attributes List) The ARN of the solution that generated a related finding. (see below for nested schema)resource_application_arn
(Attributes List) The ARN of the application that is related to a finding. (see below for nested schema)resource_application_name
(Attributes List) The name of the application that is related to a finding. (see below for nested schema)resource_aws_ec_2_instance_iam_instance_profile_arn
(Attributes List) The IAM profile ARN of the instance. (see below for nested schema)resource_aws_ec_2_instance_image_id
(Attributes List) The Amazon Machine Image (AMI) ID of the instance. (see below for nested schema)resource_aws_ec_2_instance_ip_v4_addresses
(Attributes List) The IPv4 addresses associated with the instance. (see below for nested schema)resource_aws_ec_2_instance_ip_v6_addresses
(Attributes List) The IPv6 addresses associated with the instance. (see below for nested schema)resource_aws_ec_2_instance_key_name
(Attributes List) The key name associated with the instance. (see below for nested schema)resource_aws_ec_2_instance_launched_at
(Attributes List) The date and time the instance was launched. (see below for nested schema)resource_aws_ec_2_instance_subnet_id
(Attributes List) The identifier of the subnet that the instance was launched in. (see below for nested schema)resource_aws_ec_2_instance_type
(Attributes List) The instance type of the instance. (see below for nested schema)resource_aws_ec_2_instance_vpc_id
(Attributes List) The identifier of the VPC that the instance was launched in. (see below for nested schema)resource_aws_iam_access_key_created_at
(Attributes List) The creation date/time of the IAM access key related to a finding. (see below for nested schema)resource_aws_iam_access_key_principal_name
(Attributes List) The name of the principal that is associated with an IAM access key. (see below for nested schema)resource_aws_iam_access_key_status
(Attributes List) The status of the IAM access key related to a finding. (see below for nested schema)resource_aws_iam_access_key_user_name
(Attributes List) The user associated with the IAM access key related to a finding. (see below for nested schema)resource_aws_iam_user_user_name
(Attributes List) The name of an IAM user. (see below for nested schema)resource_aws_s3_bucket_owner_id
(Attributes List) The canonical user ID of the owner of the S3 bucket. (see below for nested schema)resource_aws_s3_bucket_owner_name
(Attributes List) The display name of the owner of the S3 bucket. (see below for nested schema)resource_container_image_id
(Attributes List) The identifier of the image related to a finding. (see below for nested schema)resource_container_image_name
(Attributes List) The name of the image related to a finding. (see below for nested schema)resource_container_launched_at
(Attributes List) A timestamp that identifies when the container was started. (see below for nested schema)resource_container_name
(Attributes List) The name of the container related to a finding. (see below for nested schema)resource_details_other
(Attributes List) The details of a resource that doesn't have a specific subfield for the resource type defined. (see below for nested schema)resource_id
(Attributes List) The canonical identifier for the given resource type. (see below for nested schema)resource_partition
(Attributes List) The canonical AWS partition name that the Region is assigned to. (see below for nested schema)resource_region
(Attributes List) The canonical AWS external Region name where this resource is located. (see below for nested schema)resource_tags
(Attributes List) A list of AWS tags associated with a resource at the time the finding was processed. (see below for nested schema)resource_type
(Attributes List) Specifies the type of the resource that details are provided for. (see below for nested schema)sample
(Attributes List) Indicates whether or not sample findings are included in the filter results. (see below for nested schema)severity_label
(Attributes List) The label of a finding's severity. (see below for nested schema)severity_normalized
(Attributes List) The normalized severity of a finding. (see below for nested schema)severity_product
(Attributes List) The native severity as defined by the security findings provider's solution that generated the finding. (see below for nested schema)source_url
(Attributes List) A URL that links to a page about the current finding in the security findings provider's solution. (see below for nested schema)threat_intel_indicator_category
(Attributes List) The category of a threat intelligence indicator. (see below for nested schema)threat_intel_indicator_last_observed_at
(Attributes List) A timestamp that identifies the last observation of a threat intelligence indicator. (see below for nested schema)threat_intel_indicator_source
(Attributes List) The source of the threat intelligence. (see below for nested schema)threat_intel_indicator_source_url
(Attributes List) The URL for more details from the source of the threat intelligence. (see below for nested schema)threat_intel_indicator_type
(Attributes List) The type of a threat intelligence indicator. (see below for nested schema)threat_intel_indicator_value
(Attributes List) The value of a threat intelligence indicator. (see below for nested schema)title
(Attributes List) A finding's title. (see below for nested schema)type
(Attributes List) A finding type in the format of namespace/category/classifier that classifies a finding. (see below for nested schema)updated_at
(Attributes List) An ISO8601-formatted timestamp that indicates when the security findings provider last updated the finding record. (see below for nested schema)user_defined_fields
(Attributes List) A list of name/value string pairs associated with the finding. (see below for nested schema)verification_state
(Attributes List) The veracity of a finding. (see below for nested schema)vulnerabilities_exploit_available
(Attributes List) Indicates whether a software vulnerability in your environment has a known exploit. (see below for nested schema)vulnerabilities_fix_available
(Attributes List) Indicates whether a vulnerability is fixed in a newer version of the affected software packages. (see below for nested schema)workflow_state
(Attributes List) The workflow state of a finding. (see below for nested schema)workflow_status
(Attributes List) The status of the investigation into a finding. (see below for nested schema)filters.aws_account_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.aws_account_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.company_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.compliance_associated_standards_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.compliance_security_control_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.compliance_security_control_parameters_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.compliance_security_control_parameters_value
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.compliance_status
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.confidence
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.created_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.created_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.criticality
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.description
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.finding_provider_fields_confidence
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.finding_provider_fields_criticality
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.finding_provider_fields_related_findings_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.finding_provider_fields_related_findings_product_arn
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.finding_provider_fields_severity_label
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.finding_provider_fields_severity_original
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.finding_provider_fields_types
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.first_observed_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.first_observed_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.generator_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.keyword
Required:
value
(String) A value for the keyword.filters.last_observed_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.last_observed_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.malware_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.malware_path
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.malware_state
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.malware_type
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.network_destination_domain
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.network_destination_ip_v4
Required:
cidr
(String) A finding's CIDR value.filters.network_destination_ip_v6
Required:
cidr
(String) A finding's CIDR value.filters.network_destination_port
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.network_direction
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.network_protocol
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.network_source_domain
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.network_source_ip_v4
Required:
cidr
(String) A finding's CIDR value.filters.network_source_ip_v6
Required:
cidr
(String) A finding's CIDR value.filters.network_source_mac
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.network_source_port
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.note_text
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.note_updated_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.note_updated_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.note_updated_by
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.process_launched_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.process_launched_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.process_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.process_parent_pid
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.process_path
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.process_pid
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.process_terminated_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.process_terminated_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.product_arn
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.product_fields
Required:
comparison
(String) The condition to apply to the key value when filtering Security Hub findings with a map filter.key
(String) Non-empty string definition.value
(String) Non-empty string definition.filters.product_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.recommendation_text
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.record_state
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.region
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.related_findings_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.related_findings_product_arn
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_application_arn
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_application_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_ec_2_instance_iam_instance_profile_arn
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_ec_2_instance_image_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_ec_2_instance_ip_v4_addresses
Required:
cidr
(String) A finding's CIDR value.filters.resource_aws_ec_2_instance_ip_v6_addresses
Required:
cidr
(String) A finding's CIDR value.filters.resource_aws_ec_2_instance_key_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_ec_2_instance_launched_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.resource_aws_ec_2_instance_launched_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.resource_aws_ec_2_instance_subnet_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_ec_2_instance_type
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_ec_2_instance_vpc_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_iam_access_key_created_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.resource_aws_iam_access_key_created_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.resource_aws_iam_access_key_principal_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_iam_access_key_status
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_iam_access_key_user_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_iam_user_user_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_s3_bucket_owner_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_aws_s3_bucket_owner_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_container_image_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_container_image_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_container_launched_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.resource_container_launched_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.resource_container_name
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_details_other
Required:
comparison
(String) The condition to apply to the key value when filtering Security Hub findings with a map filter.key
(String) Non-empty string definition.value
(String) Non-empty string definition.filters.resource_id
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_partition
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_region
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.resource_tags
Required:
comparison
(String) The condition to apply to the key value when filtering Security Hub findings with a map filter.key
(String) Non-empty string definition.value
(String) Non-empty string definition.filters.resource_type
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.sample
Required:
value
(Boolean) The value of the boolean.filters.severity_label
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.severity_normalized
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.severity_product
Optional:
eq
(Number) The equal-to condition to be applied to a single field when querying for findings.gte
(Number) The greater-than-equal condition to be applied to a single field when querying for findings.lte
(Number) The less-than-equal condition to be applied to a single field when querying for findings.filters.source_url
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.threat_intel_indicator_category
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.threat_intel_indicator_last_observed_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.threat_intel_indicator_last_observed_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.threat_intel_indicator_source
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.threat_intel_indicator_source_url
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.threat_intel_indicator_type
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.threat_intel_indicator_value
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.title
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.type
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.updated_at
Optional:
date_range
(Attributes) A date range for the date filter. (see below for nested schema)end
(String) The date and time, in UTC and ISO 8601 format.start
(String) The date and time, in UTC and ISO 8601 format.filters.updated_at.date_range
Required:
unit
(String) A date range unit for the date filter.value
(Number) A date range value for the date filter.filters.user_defined_fields
Required:
comparison
(String) The condition to apply to the key value when filtering Security Hub findings with a map filter.key
(String) Non-empty string definition.value
(String) Non-empty string definition.filters.verification_state
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.vulnerabilities_exploit_available
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.vulnerabilities_fix_available
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.workflow_state
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.filters.workflow_status
Required:
comparison
(String) The condition to apply to a string value when filtering Security Hub findings.value
(String) Non-empty string definition.Import is supported using the following syntax:
$ terraform import awscc_securityhub_insight.example <resource ID>