automation_rule
Gets an individual automation_rule resource
Overview
| Name | automation_rule |
| Type | Resource |
| Description | automation_rule |
| Id | awscc.securityhub.automation_rule |
Fields
| Name | Datatype | Description |
|---|---|---|
rule_arn | string | |
rule_status | string | Whether the rule is active after it is created. If this parameter is equal to ``ENABLED``, ASH applies the rule to findings and finding updates after the rule is created. |
rule_order | integer | |
description | string | |
rule_name | string | |
created_at | string | |
updated_at | string | |
created_by | string | |
is_terminal | boolean | |
actions | array | |
criteria | object | A set of [Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding. |
tags | object | |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
rule_arn,
rule_status,
rule_order,
description,
rule_name,
created_at,
updated_at,
created_by,
is_terminal,
actions,
criteria,
tags
FROM awscc.securityhub.automation_rule
WHERE data__Identifier = '<RuleArn>';
Permissions
To operate on the automation_rule resource, the following permissions are required:
Read
securityhub:ListAutomationRules,
securityhub:BatchGetAutomationRules,
securityhub:ListTagsForResource
Update
securityhub:BatchUpdateAutomationRules,
securityhub:TagResource,
securityhub:UntagResource,
securityhub:ListTagsForResource
Delete
securityhub:BatchDeleteAutomationRules,
securityhub:BatchGetAutomationRules