AWS::SecurityHub::ConfigurationPolicy

SecurityHub ConfigurationPolicy

The AWS::SecurityHub::ConfigurationPolicy resource represents the Central Configuration Policy in your account.

Properties

4 configurable properties. 2 required. Click a row to see details.

Filter:

Property	Type	Flags
`ConfigurationPolicy`	`Policy`	Required
`Name`	`string`	Required
`Description`	`string`
`Tags`	`Tags`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`Arn`	`string`	The Amazon Resource Name (ARN) of the configuration policy.
`CreatedAt`	`string`	The date and time, in UTC and ISO 8601 format.
`Id`	`string`	The universally unique identifier (UUID) of the configuration policy.
`ServiceEnabled`	`boolean`	Indicates whether the service that the configuration policy applies to is enabled in the policy.
`UpdatedAt`	`string`	The date and time, in UTC and ISO 8601 format.

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::SecurityHub::ConfigurationPolicy

Resources:
  MyResource:
    Type: AWS::SecurityHub::ConfigurationPolicy
    Properties:
      ConfigurationPolicy: "value"
      Name: "my-name"
      Tags:
        - Key: Environment
          Value: Production
      Description: !Ref "AWS::StackName"

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

securityhub:CreateConfigurationPolicysecurityhub:TagResourcesecurityhub:ListTagsForResource

read

securityhub:GetConfigurationPolicysecurityhub:ListTagsForResource

update

securityhub:UpdateConfigurationPolicysecurityhub:TagResourcesecurityhub:UntagResourcesecurityhub:ListTagsForResource

delete

securityhub:GetConfigurationPolicysecurityhub:DeleteConfigurationPolicy

list

securityhub:ListConfigurationPoliciessecurityhub:ListTagsForResource

Learn AWS the Practical Way

Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.

Subscribe to Newsletter

Quick Facts

ServiceSecurityHub

Properties9

Required2

TaggingSupported

Primary IDArn

Supported Operations

CreateReadUpdateDeleteList

Related Resources

External Links

AWS Documentation