Viewing docs for AWS v7.32.0
published on Friday, May 29, 2026 by Pulumi
published on Friday, May 29, 2026 by Pulumi
Viewing docs for AWS v7.32.0
published on Friday, May 29, 2026 by Pulumi
published on Friday, May 29, 2026 by Pulumi
Manages a Security Hub V2 Automation Rule, which automatically updates or takes action on findings that match specified criteria.
NOTE: Automation rules must be created in the aggregation (home) region. A Security Hub V2 Aggregator (
aws.securityhub.AggregatorV2) must exist before creating automation rules.
Example Usage
Basic
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.securityhub.AccountV2("example", {});
const exampleAggregatorV2 = new aws.securityhub.AggregatorV2("example", {regionLinkingMode: "ALL_REGIONS"}, {
dependsOn: [example],
});
const exampleAutomationRuleV2 = new aws.securityhub.AutomationRuleV2("example", {
ruleName: "suppress-guardduty-low",
description: "Suppress low severity GuardDuty findings",
ruleOrder: 100,
ruleStatus: "ENABLED",
criteria: {
ocsfFindingCriteriaJson: JSON.stringify({
CompositeFilters: [{
StringFilters: [{
FieldName: "metadata.product.name",
Filter: {
Comparison: "EQUALS",
Value: "GuardDuty",
},
}],
}],
CompositeOperator: "AND",
}),
},
action: {
type: "FINDING_FIELDS_UPDATE",
findingFieldsUpdate: {
severityId: 99,
statusId: 3,
comment: "Low severity GuardDuty finding suppressed",
},
},
}, {
dependsOn: [exampleAggregatorV2],
});
import pulumi
import json
import pulumi_aws as aws
example = aws.securityhub.AccountV2("example")
example_aggregator_v2 = aws.securityhub.AggregatorV2("example", region_linking_mode="ALL_REGIONS",
opts = pulumi.ResourceOptions(depends_on=[example]))
example_automation_rule_v2 = aws.securityhub.AutomationRuleV2("example",
rule_name="suppress-guardduty-low",
description="Suppress low severity GuardDuty findings",
rule_order=float(100),
rule_status="ENABLED",
criteria={
"ocsf_finding_criteria_json": json.dumps({
"CompositeFilters": [{
"StringFilters": [{
"FieldName": "metadata.product.name",
"Filter": {
"Comparison": "EQUALS",
"Value": "GuardDuty",
},
}],
}],
"CompositeOperator": "AND",
}),
},
action={
"type": "FINDING_FIELDS_UPDATE",
"finding_fields_update": {
"severity_id": 99,
"status_id": 3,
"comment": "Low severity GuardDuty finding suppressed",
},
},
opts = pulumi.ResourceOptions(depends_on=[example_aggregator_v2]))
package main
import (
"encoding/json"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := securityhub.NewAccountV2(ctx, "example", nil)
if err != nil {
return err
}
exampleAggregatorV2, err := securityhub.NewAggregatorV2(ctx, "example", &securityhub.AggregatorV2Args{
RegionLinkingMode: pulumi.String("ALL_REGIONS"),
}, pulumi.DependsOn([]pulumi.Resource{
example,
}))
if err != nil {
return err
}
tmpJSON0, err := json.Marshal(map[string]interface{}{
"CompositeFilters": []map[string]interface{}{
map[string]interface{}{
"StringFilters": []map[string]interface{}{
map[string]interface{}{
"FieldName": "metadata.product.name",
"Filter": map[string]interface{}{
"Comparison": "EQUALS",
"Value": "GuardDuty",
},
},
},
},
},
"CompositeOperator": "AND",
})
if err != nil {
return err
}
json0 := string(tmpJSON0)
_, err = securityhub.NewAutomationRuleV2(ctx, "example", &securityhub.AutomationRuleV2Args{
RuleName: pulumi.String("suppress-guardduty-low"),
Description: pulumi.String("Suppress low severity GuardDuty findings"),
RuleOrder: pulumi.Float64(100),
RuleStatus: pulumi.String("ENABLED"),
Criteria: &securityhub.AutomationRuleV2CriteriaArgs{
OcsfFindingCriteriaJson: pulumi.String(pulumi.String(json0)),
},
Action: &securityhub.AutomationRuleV2ActionArgs{
Type: pulumi.String("FINDING_FIELDS_UPDATE"),
FindingFieldsUpdate: &securityhub.AutomationRuleV2ActionFindingFieldsUpdateArgs{
SeverityId: pulumi.Int(99),
StatusId: pulumi.Int(3),
Comment: pulumi.String("Low severity GuardDuty finding suppressed"),
},
},
}, pulumi.DependsOn([]pulumi.Resource{
exampleAggregatorV2,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.SecurityHub.AccountV2("example");
var exampleAggregatorV2 = new Aws.SecurityHub.AggregatorV2("example", new()
{
RegionLinkingMode = "ALL_REGIONS",
}, new CustomResourceOptions
{
DependsOn =
{
example,
},
});
var exampleAutomationRuleV2 = new Aws.SecurityHub.AutomationRuleV2("example", new()
{
RuleName = "suppress-guardduty-low",
Description = "Suppress low severity GuardDuty findings",
RuleOrder = 100,
RuleStatus = "ENABLED",
Criteria = new Aws.SecurityHub.Inputs.AutomationRuleV2CriteriaArgs
{
OcsfFindingCriteriaJson = JsonSerializer.Serialize(new Dictionary<string, object?>
{
["CompositeFilters"] = new[]
{
new Dictionary<string, object?>
{
["StringFilters"] = new[]
{
new Dictionary<string, object?>
{
["FieldName"] = "metadata.product.name",
["Filter"] = new Dictionary<string, object?>
{
["Comparison"] = "EQUALS",
["Value"] = "GuardDuty",
},
},
},
},
},
["CompositeOperator"] = "AND",
}),
},
Action = new Aws.SecurityHub.Inputs.AutomationRuleV2ActionArgs
{
Type = "FINDING_FIELDS_UPDATE",
FindingFieldsUpdate = new Aws.SecurityHub.Inputs.AutomationRuleV2ActionFindingFieldsUpdateArgs
{
SeverityId = 99,
StatusId = 3,
Comment = "Low severity GuardDuty finding suppressed",
},
},
}, new CustomResourceOptions
{
DependsOn =
{
exampleAggregatorV2,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.AccountV2;
import com.pulumi.aws.securityhub.AggregatorV2;
import com.pulumi.aws.securityhub.AggregatorV2Args;
import com.pulumi.aws.securityhub.AutomationRuleV2;
import com.pulumi.aws.securityhub.AutomationRuleV2Args;
import com.pulumi.aws.securityhub.inputs.AutomationRuleV2CriteriaArgs;
import com.pulumi.aws.securityhub.inputs.AutomationRuleV2ActionArgs;
import com.pulumi.aws.securityhub.inputs.AutomationRuleV2ActionFindingFieldsUpdateArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import com.pulumi.resources.CustomResourceOptions;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AccountV2("example");
var exampleAggregatorV2 = new AggregatorV2("exampleAggregatorV2", AggregatorV2Args.builder()
.regionLinkingMode("ALL_REGIONS")
.build(), CustomResourceOptions.builder()
.dependsOn(example)
.build());
var exampleAutomationRuleV2 = new AutomationRuleV2("exampleAutomationRuleV2", AutomationRuleV2Args.builder()
.ruleName("suppress-guardduty-low")
.description("Suppress low severity GuardDuty findings")
.ruleOrder(100.0)
.ruleStatus("ENABLED")
.criteria(AutomationRuleV2CriteriaArgs.builder()
.ocsfFindingCriteriaJson(serializeJson(
jsonObject(
jsonProperty("CompositeFilters", jsonArray(jsonObject(
jsonProperty("StringFilters", jsonArray(jsonObject(
jsonProperty("FieldName", "metadata.product.name"),
jsonProperty("Filter", jsonObject(
jsonProperty("Comparison", "EQUALS"),
jsonProperty("Value", "GuardDuty")
))
)))
))),
jsonProperty("CompositeOperator", "AND")
)))
.build())
.action(AutomationRuleV2ActionArgs.builder()
.type("FINDING_FIELDS_UPDATE")
.findingFieldsUpdate(AutomationRuleV2ActionFindingFieldsUpdateArgs.builder()
.severityId(99)
.statusId(3)
.comment("Low severity GuardDuty finding suppressed")
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(exampleAggregatorV2)
.build());
}
}
resources:
example:
type: aws:securityhub:AccountV2
exampleAggregatorV2:
type: aws:securityhub:AggregatorV2
name: example
properties:
regionLinkingMode: ALL_REGIONS
options:
dependsOn:
- ${example}
exampleAutomationRuleV2:
type: aws:securityhub:AutomationRuleV2
name: example
properties:
ruleName: suppress-guardduty-low
description: Suppress low severity GuardDuty findings
ruleOrder: 100
ruleStatus: ENABLED
criteria:
ocsfFindingCriteriaJson:
fn::toJSON:
CompositeFilters:
- StringFilters:
- FieldName: metadata.product.name
Filter:
Comparison: EQUALS
Value: GuardDuty
CompositeOperator: AND
action:
type: FINDING_FIELDS_UPDATE
findingFieldsUpdate:
severityId: 99
statusId: 3
comment: Low severity GuardDuty finding suppressed
options:
dependsOn:
- ${exampleAggregatorV2}
pulumi {
required_providers {
aws = {
source = "pulumi/aws"
}
}
}
resource "aws_securityhub_accountv2" "example" {
}
resource "aws_securityhub_aggregatorv2" "example" {
depends_on = [aws_securityhub_accountv2.example]
region_linking_mode = "ALL_REGIONS"
}
resource "aws_securityhub_automationrulev2" "example" {
depends_on = [aws_securityhub_aggregatorv2.example]
rule_name = "suppress-guardduty-low"
description = "Suppress low severity GuardDuty findings"
rule_order = 100
rule_status = "ENABLED"
criteria = {
ocsf_finding_criteria_json = jsonencode({
"CompositeFilters" = [{
"StringFilters" = [{
"FieldName" = "metadata.product.name"
"Filter" = {
"Comparison" = "EQUALS"
"Value" = "GuardDuty"
}
}]
}]
"CompositeOperator" = "AND"
})
}
action = {
type = "FINDING_FIELDS_UPDATE"
finding_fields_update = {
severity_id = 99
status_id = 3
comment = "Low severity GuardDuty finding suppressed"
}
}
}
Create AutomationRuleV2 Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AutomationRuleV2(name: string, args: AutomationRuleV2Args, opts?: CustomResourceOptions);@overload
def AutomationRuleV2(resource_name: str,
args: AutomationRuleV2Args,
opts: Optional[ResourceOptions] = None)
@overload
def AutomationRuleV2(resource_name: str,
opts: Optional[ResourceOptions] = None,
action: Optional[AutomationRuleV2ActionArgs] = None,
criteria: Optional[AutomationRuleV2CriteriaArgs] = None,
description: Optional[str] = None,
rule_name: Optional[str] = None,
rule_order: Optional[float] = None,
region: Optional[str] = None,
rule_status: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)func NewAutomationRuleV2(ctx *Context, name string, args AutomationRuleV2Args, opts ...ResourceOption) (*AutomationRuleV2, error)public AutomationRuleV2(string name, AutomationRuleV2Args args, CustomResourceOptions? opts = null)
public AutomationRuleV2(String name, AutomationRuleV2Args args)
public AutomationRuleV2(String name, AutomationRuleV2Args args, CustomResourceOptions options)
type: aws:securityhub:AutomationRuleV2
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
resource "aws_securityhub_automationrulev2" "name" {
# resource properties
}Parameters
- name string
- The unique name of the resource.
- args AutomationRuleV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AutomationRuleV2Args
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AutomationRuleV2Args
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AutomationRuleV2Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AutomationRuleV2Args
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var automationRuleV2Resource = new Aws.SecurityHub.AutomationRuleV2("automationRuleV2Resource", new()
{
Action = new Aws.SecurityHub.Inputs.AutomationRuleV2ActionArgs
{
Type = "string",
ExternalIntegrationConfiguration = new Aws.SecurityHub.Inputs.AutomationRuleV2ActionExternalIntegrationConfigurationArgs
{
ConnectorArn = "string",
},
FindingFieldsUpdate = new Aws.SecurityHub.Inputs.AutomationRuleV2ActionFindingFieldsUpdateArgs
{
Comment = "string",
SeverityId = 0,
StatusId = 0,
},
},
Criteria = new Aws.SecurityHub.Inputs.AutomationRuleV2CriteriaArgs
{
OcsfFindingCriteriaJson = "string",
},
Description = "string",
RuleName = "string",
RuleOrder = 0,
Region = "string",
RuleStatus = "string",
Tags =
{
{ "string", "string" },
},
});
example, err := securityhub.NewAutomationRuleV2(ctx, "automationRuleV2Resource", &securityhub.AutomationRuleV2Args{
Action: &securityhub.AutomationRuleV2ActionArgs{
Type: pulumi.String("string"),
ExternalIntegrationConfiguration: &securityhub.AutomationRuleV2ActionExternalIntegrationConfigurationArgs{
ConnectorArn: pulumi.String("string"),
},
FindingFieldsUpdate: &securityhub.AutomationRuleV2ActionFindingFieldsUpdateArgs{
Comment: pulumi.String("string"),
SeverityId: pulumi.Int(0),
StatusId: pulumi.Int(0),
},
},
Criteria: &securityhub.AutomationRuleV2CriteriaArgs{
OcsfFindingCriteriaJson: pulumi.String("string"),
},
Description: pulumi.String("string"),
RuleName: pulumi.String("string"),
RuleOrder: pulumi.Float64(0),
Region: pulumi.String("string"),
RuleStatus: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
resource "aws_securityhub_automationrulev2" "automationRuleV2Resource" {
action = {
type = "string"
external_integration_configuration = {
connector_arn = "string"
}
finding_fields_update = {
comment = "string"
severity_id = 0
status_id = 0
}
}
criteria = {
ocsf_finding_criteria_json = "string"
}
description = "string"
rule_name = "string"
rule_order = 0
region = "string"
rule_status = "string"
tags = {
"string" = "string"
}
}
var automationRuleV2Resource = new AutomationRuleV2("automationRuleV2Resource", AutomationRuleV2Args.builder()
.action(AutomationRuleV2ActionArgs.builder()
.type("string")
.externalIntegrationConfiguration(AutomationRuleV2ActionExternalIntegrationConfigurationArgs.builder()
.connectorArn("string")
.build())
.findingFieldsUpdate(AutomationRuleV2ActionFindingFieldsUpdateArgs.builder()
.comment("string")
.severityId(0)
.statusId(0)
.build())
.build())
.criteria(AutomationRuleV2CriteriaArgs.builder()
.ocsfFindingCriteriaJson("string")
.build())
.description("string")
.ruleName("string")
.ruleOrder(0.0)
.region("string")
.ruleStatus("string")
.tags(Map.of("string", "string"))
.build());
automation_rule_v2_resource = aws.securityhub.AutomationRuleV2("automationRuleV2Resource",
action={
"type": "string",
"external_integration_configuration": {
"connector_arn": "string",
},
"finding_fields_update": {
"comment": "string",
"severity_id": 0,
"status_id": 0,
},
},
criteria={
"ocsf_finding_criteria_json": "string",
},
description="string",
rule_name="string",
rule_order=float(0),
region="string",
rule_status="string",
tags={
"string": "string",
})
const automationRuleV2Resource = new aws.securityhub.AutomationRuleV2("automationRuleV2Resource", {
action: {
type: "string",
externalIntegrationConfiguration: {
connectorArn: "string",
},
findingFieldsUpdate: {
comment: "string",
severityId: 0,
statusId: 0,
},
},
criteria: {
ocsfFindingCriteriaJson: "string",
},
description: "string",
ruleName: "string",
ruleOrder: 0,
region: "string",
ruleStatus: "string",
tags: {
string: "string",
},
});
type: aws:securityhub:AutomationRuleV2
properties:
action:
externalIntegrationConfiguration:
connectorArn: string
findingFieldsUpdate:
comment: string
severityId: 0
statusId: 0
type: string
criteria:
ocsfFindingCriteriaJson: string
description: string
region: string
ruleName: string
ruleOrder: 0
ruleStatus: string
tags:
string: string
AutomationRuleV2 Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AutomationRuleV2 resource accepts the following input properties:
- Action
Automation
Rule V2Action - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - Criteria
Automation
Rule V2Criteria - Filtering type and configuration of the automation rule. See
criteriabelow. - Description string
- A description of the automation rule.
- Rule
Name string - The name of the automation rule.
- Rule
Order double - The priority of the rule. Lower values indicate higher priority.
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Rule
Status string - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Action
Automation
Rule V2Action Args - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - Criteria
Automation
Rule V2Criteria Args - Filtering type and configuration of the automation rule. See
criteriabelow. - Description string
- A description of the automation rule.
- Rule
Name string - The name of the automation rule.
- Rule
Order float64 - The priority of the rule. Lower values indicate higher priority.
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Rule
Status string - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - map[string]string
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action object
- Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - criteria object
- Filtering type and configuration of the automation rule. See
criteriabelow. - description string
- A description of the automation rule.
- rule_
name string - The name of the automation rule.
- rule_
order number - The priority of the rule. Lower values indicate higher priority.
- region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule_
status string - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - map(string)
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action
Automation
Rule V2Action - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - criteria
Automation
Rule V2Criteria - Filtering type and configuration of the automation rule. See
criteriabelow. - description String
- A description of the automation rule.
- rule
Name String - The name of the automation rule.
- rule
Order Double - The priority of the rule. Lower values indicate higher priority.
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule
Status String - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - Map<String,String>
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action
Automation
Rule V2Action - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - criteria
Automation
Rule V2Criteria - Filtering type and configuration of the automation rule. See
criteriabelow. - description string
- A description of the automation rule.
- rule
Name string - The name of the automation rule.
- rule
Order number - The priority of the rule. Lower values indicate higher priority.
- region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule
Status string - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action
Automation
Rule V2Action Args - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - criteria
Automation
Rule V2Criteria Args - Filtering type and configuration of the automation rule. See
criteriabelow. - description str
- A description of the automation rule.
- rule_
name str - The name of the automation rule.
- rule_
order float - The priority of the rule. Lower values indicate higher priority.
- region str
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule_
status str - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- action Property Map
- Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - criteria Property Map
- Filtering type and configuration of the automation rule. See
criteriabelow. - description String
- A description of the automation rule.
- rule
Name String - The name of the automation rule.
- rule
Order Number - The priority of the rule. Lower values indicate higher priority.
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule
Status String - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - Map<String>
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
Outputs
All input properties are implicitly available as output properties. Additionally, the AutomationRuleV2 resource produces the following output properties:
Look up Existing AutomationRuleV2 Resource
Get an existing AutomationRuleV2 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AutomationRuleV2State, opts?: CustomResourceOptions): AutomationRuleV2@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[AutomationRuleV2ActionArgs] = None,
arn: Optional[str] = None,
criteria: Optional[AutomationRuleV2CriteriaArgs] = None,
description: Optional[str] = None,
region: Optional[str] = None,
rule_id: Optional[str] = None,
rule_name: Optional[str] = None,
rule_order: Optional[float] = None,
rule_status: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None) -> AutomationRuleV2func GetAutomationRuleV2(ctx *Context, name string, id IDInput, state *AutomationRuleV2State, opts ...ResourceOption) (*AutomationRuleV2, error)public static AutomationRuleV2 Get(string name, Input<string> id, AutomationRuleV2State? state, CustomResourceOptions? opts = null)public static AutomationRuleV2 get(String name, Output<String> id, AutomationRuleV2State state, CustomResourceOptions options)resources: _: type: aws:securityhub:AutomationRuleV2 get: id: ${id}import {
to = aws_securityhub_automationrulev2.example
id = "${id}"
}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action
Automation
Rule V2Action - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - Arn string
- Criteria
Automation
Rule V2Criteria - Filtering type and configuration of the automation rule. See
criteriabelow. - Description string
- A description of the automation rule.
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Rule
Id string - ID of the automation rule.
- Rule
Name string - The name of the automation rule.
- Rule
Order double - The priority of the rule. Lower values indicate higher priority.
- Rule
Status string - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - Dictionary<string, string>
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
defaultTagsconfiguration block.
- Action
Automation
Rule V2Action Args - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - Arn string
- Criteria
Automation
Rule V2Criteria Args - Filtering type and configuration of the automation rule. See
criteriabelow. - Description string
- A description of the automation rule.
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Rule
Id string - ID of the automation rule.
- Rule
Name string - The name of the automation rule.
- Rule
Order float64 - The priority of the rule. Lower values indicate higher priority.
- Rule
Status string - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - map[string]string
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
defaultTagsconfiguration block.
- action object
- Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - arn string
- criteria object
- Filtering type and configuration of the automation rule. See
criteriabelow. - description string
- A description of the automation rule.
- region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule_
id string - ID of the automation rule.
- rule_
name string - The name of the automation rule.
- rule_
order number - The priority of the rule. Lower values indicate higher priority.
- rule_
status string - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - map(string)
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map(string)
- Map of tags assigned to the resource, including those inherited from the provider
defaultTagsconfiguration block.
- action
Automation
Rule V2Action - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - arn String
- criteria
Automation
Rule V2Criteria - Filtering type and configuration of the automation rule. See
criteriabelow. - description String
- A description of the automation rule.
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule
Id String - ID of the automation rule.
- rule
Name String - The name of the automation rule.
- rule
Order Double - The priority of the rule. Lower values indicate higher priority.
- rule
Status String - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - Map<String,String>
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
defaultTagsconfiguration block.
- action
Automation
Rule V2Action - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - arn string
- criteria
Automation
Rule V2Criteria - Filtering type and configuration of the automation rule. See
criteriabelow. - description string
- A description of the automation rule.
- region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule
Id string - ID of the automation rule.
- rule
Name string - The name of the automation rule.
- rule
Order number - The priority of the rule. Lower values indicate higher priority.
- rule
Status string - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - {[key: string]: string}
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
defaultTagsconfiguration block.
- action
Automation
Rule V2Action Args - Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - arn str
- criteria
Automation
Rule V2Criteria Args - Filtering type and configuration of the automation rule. See
criteriabelow. - description str
- A description of the automation rule.
- region str
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule_
id str - ID of the automation rule.
- rule_
name str - The name of the automation rule.
- rule_
order float - The priority of the rule. Lower values indicate higher priority.
- rule_
status str - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - Mapping[str, str]
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
defaultTagsconfiguration block.
- action Property Map
- Actions to take when the rule matches. Maximum of 1 action block. See
actionbelow. - arn String
- criteria Property Map
- Filtering type and configuration of the automation rule. See
criteriabelow. - description String
- A description of the automation rule.
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- rule
Id String - ID of the automation rule.
- rule
Name String - The name of the automation rule.
- rule
Order Number - The priority of the rule. Lower values indicate higher priority.
- rule
Status String - The status of the rule. Valid values:
ENABLED,DISABLED. Defaults toENABLED. - Map<String>
- Map of tags to assign to the resource. If configured with a provider
defaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
defaultTagsconfiguration block.
Supporting Types
AutomationRuleV2Action, AutomationRuleV2ActionArgs
- Type string
- The action type. Valid values:
FINDING_FIELDS_UPDATE,EXTERNAL_INTEGRATION. - External
Integration AutomationConfiguration Rule V2Action External Integration Configuration - Settings for external integration actions. See
externalIntegrationConfigurationbelow. - Finding
Fields AutomationUpdate Rule V2Action Finding Fields Update - Settings for updating finding fields. See
findingFieldsUpdatebelow.
- Type string
- The action type. Valid values:
FINDING_FIELDS_UPDATE,EXTERNAL_INTEGRATION. - External
Integration AutomationConfiguration Rule V2Action External Integration Configuration - Settings for external integration actions. See
externalIntegrationConfigurationbelow. - Finding
Fields AutomationUpdate Rule V2Action Finding Fields Update - Settings for updating finding fields. See
findingFieldsUpdatebelow.
- type string
- The action type. Valid values:
FINDING_FIELDS_UPDATE,EXTERNAL_INTEGRATION. - external_
integration_ objectconfiguration - Settings for external integration actions. See
externalIntegrationConfigurationbelow. - finding_
fields_ objectupdate - Settings for updating finding fields. See
findingFieldsUpdatebelow.
- type String
- The action type. Valid values:
FINDING_FIELDS_UPDATE,EXTERNAL_INTEGRATION. - external
Integration AutomationConfiguration Rule V2Action External Integration Configuration - Settings for external integration actions. See
externalIntegrationConfigurationbelow. - finding
Fields AutomationUpdate Rule V2Action Finding Fields Update - Settings for updating finding fields. See
findingFieldsUpdatebelow.
- type string
- The action type. Valid values:
FINDING_FIELDS_UPDATE,EXTERNAL_INTEGRATION. - external
Integration AutomationConfiguration Rule V2Action External Integration Configuration - Settings for external integration actions. See
externalIntegrationConfigurationbelow. - finding
Fields AutomationUpdate Rule V2Action Finding Fields Update - Settings for updating finding fields. See
findingFieldsUpdatebelow.
- type str
- The action type. Valid values:
FINDING_FIELDS_UPDATE,EXTERNAL_INTEGRATION. - external_
integration_ Automationconfiguration Rule V2Action External Integration Configuration - Settings for external integration actions. See
externalIntegrationConfigurationbelow. - finding_
fields_ Automationupdate Rule V2Action Finding Fields Update - Settings for updating finding fields. See
findingFieldsUpdatebelow.
- type String
- The action type. Valid values:
FINDING_FIELDS_UPDATE,EXTERNAL_INTEGRATION. - external
Integration Property MapConfiguration - Settings for external integration actions. See
externalIntegrationConfigurationbelow. - finding
Fields Property MapUpdate - Settings for updating finding fields. See
findingFieldsUpdatebelow.
AutomationRuleV2ActionExternalIntegrationConfiguration, AutomationRuleV2ActionExternalIntegrationConfigurationArgs
- Connector
Arn string - The ARN of the connector.
- Connector
Arn string - The ARN of the connector.
- connector_
arn string - The ARN of the connector.
- connector
Arn String - The ARN of the connector.
- connector
Arn string - The ARN of the connector.
- connector_
arn str - The ARN of the connector.
- connector
Arn String - The ARN of the connector.
AutomationRuleV2ActionFindingFieldsUpdate, AutomationRuleV2ActionFindingFieldsUpdateArgs
- Comment string
- A comment for the finding.
- Severity
Id int - The severity ID to assign.
- Status
Id int - The status ID to assign.
- Comment string
- A comment for the finding.
- Severity
Id int - The severity ID to assign.
- Status
Id int - The status ID to assign.
- comment string
- A comment for the finding.
- severity_
id number - The severity ID to assign.
- status_
id number - The status ID to assign.
- comment String
- A comment for the finding.
- severity
Id Integer - The severity ID to assign.
- status
Id Integer - The status ID to assign.
- comment string
- A comment for the finding.
- severity
Id number - The severity ID to assign.
- status
Id number - The status ID to assign.
- comment str
- A comment for the finding.
- severity_
id int - The severity ID to assign.
- status_
id int - The status ID to assign.
- comment String
- A comment for the finding.
- severity
Id Number - The severity ID to assign.
- status
Id Number - The status ID to assign.
AutomationRuleV2Criteria, AutomationRuleV2CriteriaArgs
- Ocsf
Finding stringCriteria Json - JSON-encoded OCSF finding criteria for the rule. See the AWS API Reference for details.
- Ocsf
Finding stringCriteria Json - JSON-encoded OCSF finding criteria for the rule. See the AWS API Reference for details.
- ocsf_
finding_ stringcriteria_ json - JSON-encoded OCSF finding criteria for the rule. See the AWS API Reference for details.
- ocsf
Finding StringCriteria Json - JSON-encoded OCSF finding criteria for the rule. See the AWS API Reference for details.
- ocsf
Finding stringCriteria Json - JSON-encoded OCSF finding criteria for the rule. See the AWS API Reference for details.
- ocsf_
finding_ strcriteria_ json - JSON-encoded OCSF finding criteria for the rule. See the AWS API Reference for details.
- ocsf
Finding StringCriteria Json - JSON-encoded OCSF finding criteria for the rule. See the AWS API Reference for details.
Import
Identity Schema
Required
arn(String) Amazon Resource Name (ARN) of the Security Hub V2 automation rule.
Using pulumi import, import Security Hub V2 automation rules using arn. For example:
$ pulumi import aws:securityhub/automationRuleV2:AutomationRuleV2 example arn:aws:securityhub:us-east-1:123456789012:automation-rulev2/3efb04f4-e19e-4458-a698-62364ab7b1a7
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
Viewing docs for AWS v7.32.0
published on Friday, May 29, 2026 by Pulumi
published on Friday, May 29, 2026 by Pulumi