Class SecurityHubStandardConfig

SecurityConfig / CentralSecurityServicesConfig / SecurityHubConfig / SecurityHubStandardConfig

https://docs.aws.amazon.com/securityhub/latest/userguide/standards-reference.html | AWS Security Hub standards configuration. Use this configuration to define the security standard(s) that are enabled through Amazon Security Hub and which accounts and/or organization units that the controls are deployed to.

Example

- name: PCI DSS v3.2.1
  deploymentTargets:
   organizationalUnits:
    -  Root
  enable: true
  controlsToDisable:
    # Refer to the document for the controls
    # https://docs.aws.amazon.com/securityhub/latest/userguide/pci-standard.html
    - Control1
    - Control2

Hierarchy

  • SecurityHubStandardConfig

Implements

Constructors

constructor

Properties

controlsToDisable deploymentTargets enable name

Constructors

constructor

Properties

Readonly controlsToDisable

controlsToDisable: string[] = []

(OPTIONAL) An array of control names to be disabled for the given security standards

Readonly deploymentTargets

deploymentTargets: undefined | DeploymentTargets = undefined

(OPTIONAL) Deployment targets for AWS Security Hub standard.

Readonly enable

enable: true = true

Indicates whether given AWS Security Hub standard enabled.

Readonly name

name: "" = ''

An enum value that specifies one of three security standards supported by Security Hub Possible values are 'AWS Foundational Security Best Practices v1.0.0', 'CIS AWS Foundations Benchmark v1.2.0', 'CIS AWS Foundations Benchmark v1.4.0', 'NIST Special Publication 800-53 Revision 5, and 'PCI DSS v3.2.1'

Settings

Member Visibility

Theme

Generated using TypeDoc