Package software.amazon.awscdk.services.iot

Class CfnSecurityProfile

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.CfnElement

software.amazon.awscdk.CfnRefElement

software.amazon.awscdk.CfnResource

software.amazon.awscdk.services.iot.CfnSecurityProfile

All Implemented Interfaces:

IInspectable, ITaggable, ISecurityProfileRef, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.116.0 (build 0eddcff)",
           date="2025-10-24T13:34:40.114Z")
@Stability(Stable)
public class CfnSecurityProfile
extends CfnResource
implements IInspectable, ISecurityProfileRef, ITaggable

Use the AWS::IoT::SecurityProfile resource to create a Device Defender security profile.

For API reference, see CreateSecurityProfile and for general information, see Detect .

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.iot.*;
 CfnSecurityProfile cfnSecurityProfile = CfnSecurityProfile.Builder.create(this, "MyCfnSecurityProfile")
         .additionalMetricsToRetainV2(List.of(MetricToRetainProperty.builder()
                 .metric("metric")
                 // the properties below are optional
                 .exportMetric(false)
                 .metricDimension(MetricDimensionProperty.builder()
                         .dimensionName("dimensionName")
                         // the properties below are optional
                         .operator("operator")
                         .build())
                 .build()))
         .alertTargets(Map.of(
                 "alertTargetsKey", AlertTargetProperty.builder()
                         .alertTargetArn("alertTargetArn")
                         .roleArn("roleArn")
                         .build()))
         .behaviors(List.of(BehaviorProperty.builder()
                 .name("name")
                 // the properties below are optional
                 .criteria(BehaviorCriteriaProperty.builder()
                         .comparisonOperator("comparisonOperator")
                         .consecutiveDatapointsToAlarm(123)
                         .consecutiveDatapointsToClear(123)
                         .durationSeconds(123)
                         .mlDetectionConfig(MachineLearningDetectionConfigProperty.builder()
                                 .confidenceLevel("confidenceLevel")
                                 .build())
                         .statisticalThreshold(StatisticalThresholdProperty.builder()
                                 .statistic("statistic")
                                 .build())
                         .value(MetricValueProperty.builder()
                                 .cidrs(List.of("cidrs"))
                                 .count("count")
                                 .number(123)
                                 .numbers(List.of(123))
                                 .ports(List.of(123))
                                 .strings(List.of("strings"))
                                 .build())
                         .build())
                 .exportMetric(false)
                 .metric("metric")
                 .metricDimension(MetricDimensionProperty.builder()
                         .dimensionName("dimensionName")
                         // the properties below are optional
                         .operator("operator")
                         .build())
                 .suppressAlerts(false)
                 .build()))
         .metricsExportConfig(MetricsExportConfigProperty.builder()
                 .mqttTopic("mqttTopic")
                 .roleArn("roleArn")
                 .build())
         .securityProfileDescription("securityProfileDescription")
         .securityProfileName("securityProfileName")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .targetArns(List.of("targetArns"))
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-securityprofile.html

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static interface	CfnSecurityProfile.AlertTargetProperty	A structure containing the alert target ARN and the role ARN.
static interface	CfnSecurityProfile.BehaviorCriteriaProperty	The criteria by which the behavior is determined to be normal.
static interface	CfnSecurityProfile.BehaviorProperty	A Device Defender security profile behavior.
static final class	CfnSecurityProfile.Builder	A fluent builder for CfnSecurityProfile.
static interface	CfnSecurityProfile.MachineLearningDetectionConfigProperty	The MachineLearningDetectionConfig property type controls confidence of the machine learning model.
static interface	CfnSecurityProfile.MetricDimensionProperty	The dimension of the metric.
static interface	CfnSecurityProfile.MetricsExportConfigProperty	Specifies the MQTT topic and role ARN required for metric export.
static interface	CfnSecurityProfile.MetricToRetainProperty	The metric you want to retain.
static interface	CfnSecurityProfile.MetricValueProperty	The value to be compared with the metric .
static interface	CfnSecurityProfile.StatisticalThresholdProperty	A statistical ranking (percentile) that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable

IInspectable.Jsii$Default, IInspectable.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.iot.ISecurityProfileRef

ISecurityProfileRef.Jsii$Default, ISecurityProfileRef.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.ITaggable

ITaggable.Jsii$Default, ITaggable.Jsii$Proxy

Field Summary

Fields

Modifier and Type	Field	Description
static final String	CFN_RESOURCE_TYPE_NAME	The CloudFormation resource type name for this resource class.

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	CfnSecurityProfile(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	CfnSecurityProfile(software.amazon.jsii.JsiiObjectRef objRef)
	CfnSecurityProfile(software.constructs.Construct scope, String id)
	CfnSecurityProfile(software.constructs.Construct scope, String id, CfnSecurityProfileProps props)

Method Summary

Modifier and Type	Method	Description
static ISecurityProfileRef	fromSecurityProfileArn(software.constructs.Construct scope, String id, String arn)	Creates a new ISecurityProfileRef from an ARN.
static ISecurityProfileRef	fromSecurityProfileName(software.constructs.Construct scope, String id, String securityProfileName)	Creates a new ISecurityProfileRef from a securityProfileName.
Object	getAdditionalMetricsToRetainV2()	A list of metrics whose data is retained (stored).
Object	getAlertTargets()	Specifies the destinations to which alerts are sent.
String	getAttrSecurityProfileArn()	The Amazon Resource Name (ARN) of the security profile.
Object	getBehaviors()	Specifies the behaviors that, when violated by a device (thing), cause an alert.
protected Map<String,Object>	getCfnProperties()
Object	getMetricsExportConfig()	Specifies the MQTT topic and role ARN required for metric export.
String	getSecurityProfileDescription()	A description of the security profile.
String	getSecurityProfileName()	The name you gave to the security profile.
SecurityProfileReference	getSecurityProfileRef()	A reference to a SecurityProfile resource.
TagManager	getTags()	Tag Manager which manages the tags for this resource.
List<CfnTag>	getTagsRaw()	Metadata that can be used to manage the security profile.
List<String>	getTargetArns()	The ARN of the target (thing group) to which the security profile is attached.
void	inspect(TreeInspector inspector)	Examines the CloudFormation resource and discloses attributes.
protected Map<String,Object>	renderProperties(Map<String,Object> props)
void	setAdditionalMetricsToRetainV2(List<Object> value)	A list of metrics whose data is retained (stored).
void	setAdditionalMetricsToRetainV2(IResolvable value)	A list of metrics whose data is retained (stored).
void	setAlertTargets(Map<String,Object> value)	Specifies the destinations to which alerts are sent.
void	setAlertTargets(IResolvable value)	Specifies the destinations to which alerts are sent.
void	setBehaviors(List<Object> value)	Specifies the behaviors that, when violated by a device (thing), cause an alert.
void	setBehaviors(IResolvable value)	Specifies the behaviors that, when violated by a device (thing), cause an alert.
void	setMetricsExportConfig(IResolvable value)	Specifies the MQTT topic and role ARN required for metric export.
void	setMetricsExportConfig(CfnSecurityProfile.MetricsExportConfigProperty value)	Specifies the MQTT topic and role ARN required for metric export.
void	setSecurityProfileDescription(String value)	A description of the security profile.
void	setSecurityProfileName(String value)	The name you gave to the security profile.
void	setTagsRaw(List<CfnTag> value)	Metadata that can be used to manage the security profile.
void	setTargetArns(List<String> value)	The ARN of the target (thing group) to which the security profile is attached.

Methods inherited from class software.amazon.awscdk.CfnResource

addDeletionOverride, addDependency, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, obtainDependencies, obtainResourceDependencies, removeDependency, replaceDependency, shouldSynthesize, toString, validateProperties

Methods inherited from class software.amazon.awscdk.CfnRefElement

getRef

Methods inherited from class software.amazon.awscdk.CfnElement

getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId

Methods inherited from class software.constructs.Construct

getNode, isConstruct

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.constructs.IConstruct

getNode

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Field Details

CFN_RESOURCE_TYPE_NAME

@Stability(Stable)
public static final String CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

Constructor Details

CfnSecurityProfile

protected CfnSecurityProfile(software.amazon.jsii.JsiiObjectRef objRef)

CfnSecurityProfile

protected CfnSecurityProfile(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

CfnSecurityProfile

@Stability(Stable)
public CfnSecurityProfile(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @Nullable
 CfnSecurityProfileProps props)

Parameters:

scope - Scope in which this resource is defined. This parameter is required.

id - Construct identifier for this resource (unique in its scope). This parameter is required.

props - Resource properties.

CfnSecurityProfile

@Stability(Stable)
public CfnSecurityProfile(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id)

Parameters:

scope - Scope in which this resource is defined. This parameter is required.

id - Construct identifier for this resource (unique in its scope). This parameter is required.

Method Details

fromSecurityProfileArn

@Stability(Stable)
@NotNull
public static ISecurityProfileRef fromSecurityProfileArn(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 String arn)

Creates a new ISecurityProfileRef from an ARN.

Parameters:

scope - This parameter is required.

id - This parameter is required.

arn - This parameter is required.

fromSecurityProfileName

@Stability(Stable)
@NotNull
public static ISecurityProfileRef fromSecurityProfileName(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 String securityProfileName)

Creates a new ISecurityProfileRef from a securityProfileName.

Parameters:

scope - This parameter is required.

id - This parameter is required.

securityProfileName - This parameter is required.

inspect

@Stability(Stable)
public void inspect(@NotNull
 TreeInspector inspector)

Examines the CloudFormation resource and discloses attributes.

Specified by:

inspect in interface IInspectable

Parameters:

inspector - tree inspector to collect and process attributes. This parameter is required.

renderProperties

@Stability(Stable)
@NotNull
protected Map<String,Object> renderProperties(@NotNull
 Map<String,Object> props)

Overrides:

renderProperties in class CfnResource

Parameters:

props - This parameter is required.

getAttrSecurityProfileArn

@Stability(Stable)
@NotNull
public String getAttrSecurityProfileArn()

The Amazon Resource Name (ARN) of the security profile.

getCfnProperties

@Stability(Stable)
@NotNull
protected Map<String,Object> getCfnProperties()

Overrides:

getCfnProperties in class CfnResource

getSecurityProfileRef

@Stability(Stable)
@NotNull
public SecurityProfileReference getSecurityProfileRef()

A reference to a SecurityProfile resource.

Specified by:

getSecurityProfileRef in interface ISecurityProfileRef

getTags

@Stability(Stable)
@NotNull
public TagManager getTags()

Tag Manager which manages the tags for this resource.

Specified by:

getTags in interface ITaggable

getAdditionalMetricsToRetainV2

@Stability(Stable)
@Nullable
public Object getAdditionalMetricsToRetainV2()

A list of metrics whose data is retained (stored).

Returns union: either IResolvable or Listinvalid input: '<'either IResolvable or CfnSecurityProfile.MetricToRetainProperty>

setAdditionalMetricsToRetainV2

@Stability(Stable)
public void setAdditionalMetricsToRetainV2(@Nullable
 IResolvable value)

A list of metrics whose data is retained (stored).

setAdditionalMetricsToRetainV2

@Stability(Stable)
public void setAdditionalMetricsToRetainV2(@Nullable
 List<Object> value)

A list of metrics whose data is retained (stored).

getAlertTargets

@Stability(Stable)
@Nullable
public Object getAlertTargets()

Specifies the destinations to which alerts are sent.

Returns union: either IResolvable or Mapinvalid input: '<'String, either IResolvable or CfnSecurityProfile.AlertTargetProperty>

setAlertTargets

@Stability(Stable)
public void setAlertTargets(@Nullable
 IResolvable value)

Specifies the destinations to which alerts are sent.

setAlertTargets

@Stability(Stable)
public void setAlertTargets(@Nullable
 Map<String,Object> value)

Specifies the destinations to which alerts are sent.

getBehaviors

@Stability(Stable)
@Nullable
public Object getBehaviors()

Specifies the behaviors that, when violated by a device (thing), cause an alert.

Returns union: either IResolvable or Listinvalid input: '<'either IResolvable or CfnSecurityProfile.BehaviorProperty>

setBehaviors

@Stability(Stable)
public void setBehaviors(@Nullable
 IResolvable value)

Specifies the behaviors that, when violated by a device (thing), cause an alert.

setBehaviors

@Stability(Stable)
public void setBehaviors(@Nullable
 List<Object> value)

Specifies the behaviors that, when violated by a device (thing), cause an alert.

getMetricsExportConfig

@Stability(Stable)
@Nullable
public Object getMetricsExportConfig()

Specifies the MQTT topic and role ARN required for metric export.

Returns union: either IResolvable or CfnSecurityProfile.MetricsExportConfigProperty

setMetricsExportConfig

@Stability(Stable)
public void setMetricsExportConfig(@Nullable
 IResolvable value)

Specifies the MQTT topic and role ARN required for metric export.

setMetricsExportConfig

@Stability(Stable)
public void setMetricsExportConfig(@Nullable
 CfnSecurityProfile.MetricsExportConfigProperty value)

Specifies the MQTT topic and role ARN required for metric export.

getSecurityProfileDescription

@Stability(Stable)
@Nullable
public String getSecurityProfileDescription()

A description of the security profile.

setSecurityProfileDescription

@Stability(Stable)
public void setSecurityProfileDescription(@Nullable
 String value)

A description of the security profile.

getSecurityProfileName

@Stability(Stable)
@Nullable
public String getSecurityProfileName()

The name you gave to the security profile.

setSecurityProfileName

@Stability(Stable)
public void setSecurityProfileName(@Nullable
 String value)

The name you gave to the security profile.

getTagsRaw

@Stability(Stable)
@Nullable
public List<CfnTag> getTagsRaw()

Metadata that can be used to manage the security profile.

setTagsRaw

@Stability(Stable)
public void setTagsRaw(@Nullable
 List<CfnTag> value)

Metadata that can be used to manage the security profile.

getTargetArns

@Stability(Stable)
@Nullable
public List<String> getTargetArns()

The ARN of the target (thing group) to which the security profile is attached.

setTargetArns

@Stability(Stable)
public void setTargetArns(@Nullable
 List<String> value)

The ARN of the target (thing group) to which the security profile is attached.