interface MapFilterProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.SecurityHub.CfnAutomationRule.MapFilterProperty |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awssecurityhub#CfnAutomationRule_MapFilterProperty |
 Java | software.amazon.awscdk.services.securityhub.CfnAutomationRule.MapFilterProperty |
 Python | aws_cdk.aws_securityhub.CfnAutomationRule.MapFilterProperty |
 TypeScript | aws-cdk-lib » aws_securityhub » CfnAutomationRule » MapFilterProperty |
A map filter for filtering AWS Security Hub findings.
Each map filter provides the field to check for, the value to check for, and the comparison operator.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_securityhub as securityhub } from 'aws-cdk-lib';
const mapFilterProperty: securityhub.CfnAutomationRule.MapFilterProperty = {
comparison: 'comparison',
key: 'key',
value: 'value',
};
Properties
| Name | Type | Description |
|---|---|---|
| comparison | string | The condition to apply to the key value when filtering Security Hub findings with a map filter. |
| key | string | The key of the map filter. |
| value | string | The value for the key in the map filter. |
comparison
Type:
string
The condition to apply to the key value when filtering Security Hub findings with a map filter.
To search for values that have the filter value, use one of the following comparison operators:
- To search for values that include the filter value, use
CONTAINS. For example, for theResourceTagsfield, the filterDepartment CONTAINS Securitymatches findings that include the valueSecurityfor theDepartmenttag. In the same example, a finding with a value ofSecurity teamfor theDepartmenttag is a match. - To search for values that exactly match the filter value, use
EQUALS. For example, for theResourceTagsfield, the filterDepartment EQUALS Securitymatches findings that have the valueSecurityfor theDepartmenttag.
CONTAINS and EQUALS filters on the same field are joined by OR . A finding matches if it matches any one of those filters. For example, the filters Department CONTAINS Security OR Department CONTAINS Finance match a finding that includes either Security , Finance , or both values.
To search for values that don't have the filter value, use one of the following comparison operators:
- To search for values that exclude the filter value, use
NOT_CONTAINS. For example, for theResourceTagsfield, the filterDepartment NOT_CONTAINS Financematches findings that exclude the valueFinancefor theDepartmenttag. - To search for values other than the filter value, use
NOT_EQUALS. For example, for theResourceTagsfield, the filterDepartment NOT_EQUALS Financematches findings that don’t have the valueFinancefor theDepartmenttag.
NOT_CONTAINS and NOT_EQUALS filters on the same field are joined by AND . A finding matches only if it matches all of those filters. For example, the filters Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance match a finding that excludes both the Security and Finance values.
CONTAINS filters can only be used with other CONTAINS filters. NOT_CONTAINS filters can only be used with other NOT_CONTAINS filters.
You can’t have both a CONTAINS filter and a NOT_CONTAINS filter on the same field. Similarly, you can’t have both an EQUALS filter and a NOT_EQUALS filter on the same field. Combining filters in this way returns an error.
CONTAINS and NOT_CONTAINS operators can be used only with automation rules. For more information, see Automation rules in the AWS Security Hub User Guide .
key
Type:
string
The key of the map filter.
For example, for ResourceTags , Key identifies the name of the tag. For UserDefinedFields , Key is the name of the field.
value
Type:
string
The value for the key in the map filter.
Filter values are case sensitive. For example, one of the values for a tag called Department might be Security . If you provide security as the filter value, then there's no match.