Class: Aws::SecurityHub::Types::SecurityControl

Inherits:

Struct

• Object
• Struct
• Aws::SecurityHub::Types::SecurityControl

Defined in:

gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

A security control in Security Hub CSPM describes a security best practice related to a specific resource.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #description ⇒ String

  The description of a security control across standards.

• #last_update_reason ⇒ String

  The most recent reason for updating the customizable properties of a security control.

• #parameters ⇒ Hash<String,Types::ParameterConfiguration>

  An object that identifies the name of a control parameter, its current value, and whether it has been customized.

• #remediation_url ⇒ String

  A link to Security Hub CSPM documentation that explains how to remediate a failed finding for a security control.

• #security_control_arn ⇒ String

  The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1.

• #security_control_id ⇒ String

  The unique identifier of a security control across standards.

• #security_control_status ⇒ String

  The enablement status of a security control in a specific standard.

• #severity_rating ⇒ String

  The severity of a security control.

• #title ⇒ String

  The title of a security control.

• #update_status ⇒ String

  Identifies whether customizable properties of a security control are reflected in Security Hub CSPM findings.

Instance Attribute Details

#description ⇒ String

The description of a security control across standards. This typically summarizes how Security Hub CSPM evaluates the control and the conditions under which it produces a failed finding. This parameter doesn't reference a specific standard.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#last_update_reason ⇒ String

The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#parameters ⇒ Hash<String,Types::ParameterConfiguration>

An object that identifies the name of a control parameter, its current value, and whether it has been customized.

Returns:

• (Hash<String,Types::ParameterConfiguration>)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#remediation_url ⇒ String

A link to Security Hub CSPM documentation that explains how to remediate a failed finding for a security control.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#security_control_arn ⇒ String

The Amazon Resource Name (ARN) for a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1. This parameter doesn't mention a specific standard.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#security_control_id ⇒ String

The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Services service name and a number, such as APIGateway.3.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#security_control_status ⇒ String

The enablement status of a security control in a specific standard.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#severity_rating ⇒ String

The severity of a security control. For more information about how Security Hub CSPM determines control severity, see Assigning severity to control findings in the Security Hub CSPM User Guide.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#title ⇒ String

The title of a security control.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end

#update_status ⇒ String

Identifies whether customizable properties of a security control are reflected in Security Hub CSPM findings. A status of READY indicates that Security Hub CSPM uses the current control parameter values when running security checks of the control. A status of UPDATING indicates that all security checks might not use the current parameter values.

Returns:

• (String)

# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 31048

class SecurityControl < Struct.new(
  :security_control_id,
  :security_control_arn,
  :title,
  :description,
  :remediation_url,
  :severity_rating,
  :security_control_status,
  :update_status,
  :parameters,
  :last_update_reason)
  SENSITIVE = []
  include Aws::Structure
end