Top / Amazon Web Service / AWS Security Hub / Insight

AWS Security Hub Insight

This page shows how to write Terraform for Security Hub Insight and write them securely.

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_securityhub_insight (Terraform)

The Insight in Security Hub can be configured in Terraform with the resource name aws_securityhub_insight. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

arn optional computed - string
group_by_attribute required - string
id optional computed - string
name required - string
filters list block
- aws_account_id set block
  - comparison required - string
  - value required - string
- company_name set block
  - comparison required - string
  - value required - string
- compliance_status set block
  - comparison required - string
  - value required - string
- confidence set block
  - eq optional - string
  - gte optional - string
  - lte optional - string
- created_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- criticality set block
  - eq optional - string
  - gte optional - string
  - lte optional - string
- description set block
  - comparison required - string
  - value required - string
- finding_provider_fields_confidence set block
  - eq optional - string
  - gte optional - string
  - lte optional - string
- finding_provider_fields_criticality set block
  - eq optional - string
  - gte optional - string
  - lte optional - string
- finding_provider_fields_related_findings_id set block
  - comparison required - string
  - value required - string
- finding_provider_fields_related_findings_product_arn set block
  - comparison required - string
  - value required - string
- finding_provider_fields_severity_label set block
  - comparison required - string
  - value required - string
- finding_provider_fields_severity_original set block
  - comparison required - string
  - value required - string
- finding_provider_fields_types set block
  - comparison required - string
  - value required - string
- first_observed_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- generator_id set block
  - comparison required - string
  - value required - string
- id set block
  - comparison required - string
  - value required - string
- keyword set block
  - value required - string
- last_observed_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- malware_name set block
  - comparison required - string
  - value required - string
- malware_path set block
  - comparison required - string
  - value required - string
- malware_state set block
  - comparison required - string
  - value required - string
- malware_type set block
  - comparison required - string
  - value required - string
- network_destination_domain set block
  - comparison required - string
  - value required - string
- network_destination_ipv4 set block
  - cidr required - string
- network_destination_ipv6 set block
  - cidr required - string
- network_destination_port set block
  - eq optional - string
  - gte optional - string
  - lte optional - string
- network_direction set block
  - comparison required - string
  - value required - string
- network_protocol set block
  - comparison required - string
  - value required - string
- network_source_domain set block
  - comparison required - string
  - value required - string
- network_source_ipv4 set block
  - cidr required - string
- network_source_ipv6 set block
  - cidr required - string
- network_source_mac set block
  - comparison required - string
  - value required - string
- network_source_port set block
  - eq optional - string
  - gte optional - string
  - lte optional - string
- note_text set block
  - comparison required - string
  - value required - string
- note_updated_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- note_updated_by set block
  - comparison required - string
  - value required - string
- process_launched_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- process_name set block
  - comparison required - string
  - value required - string
- process_parent_pid set block
  - eq optional - string
  - gte optional - string
  - lte optional - string
- process_path set block
  - comparison required - string
  - value required - string
- process_pid set block
  - eq optional - string
  - gte optional - string
  - lte optional - string
- process_terminated_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- product_arn set block
  - comparison required - string
  - value required - string
- product_fields set block
  - comparison required - string
  - key required - string
  - value required - string
- product_name set block
  - comparison required - string
  - value required - string
- recommendation_text set block
  - comparison required - string
  - value required - string
- record_state set block
  - comparison required - string
  - value required - string
- related_findings_id set block
  - comparison required - string
  - value required - string
- related_findings_product_arn set block
  - comparison required - string
  - value required - string
- resource_aws_ec2_instance_iam_instance_profile_arn set block
  - comparison required - string
  - value required - string
- resource_aws_ec2_instance_image_id set block
  - comparison required - string
  - value required - string
- resource_aws_ec2_instance_ipv4_addresses set block
  - cidr required - string
- resource_aws_ec2_instance_ipv6_addresses set block
  - cidr required - string
- resource_aws_ec2_instance_key_name set block
  - comparison required - string
  - value required - string
- resource_aws_ec2_instance_launched_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- resource_aws_ec2_instance_subnet_id set block
  - comparison required - string
  - value required - string
- resource_aws_ec2_instance_type set block
  - comparison required - string
  - value required - string
- resource_aws_ec2_instance_vpc_id set block
  - comparison required - string
  - value required - string
- resource_aws_iam_access_key_created_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- resource_aws_iam_access_key_status set block
  - comparison required - string
  - value required - string
- resource_aws_iam_access_key_user_name set block
  - comparison required - string
  - value required - string
- resource_aws_s3_bucket_owner_id set block
  - comparison required - string
  - value required - string
- resource_aws_s3_bucket_owner_name set block
  - comparison required - string
  - value required - string
- resource_container_image_id set block
  - comparison required - string
  - value required - string
- resource_container_image_name set block
  - comparison required - string
  - value required - string
- resource_container_launched_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- resource_container_name set block
  - comparison required - string
  - value required - string
- resource_details_other set block
  - comparison required - string
  - key required - string
  - value required - string
- resource_id set block
  - comparison required - string
  - value required - string
- resource_partition set block
  - comparison required - string
  - value required - string
- resource_region set block
  - comparison required - string
  - value required - string
- resource_tags set block
  - comparison required - string
  - key required - string
  - value required - string
- resource_type set block
  - comparison required - string
  - value required - string
- severity_label set block
  - comparison required - string
  - value required - string
- source_url set block
  - comparison required - string
  - value required - string
- threat_intel_indicator_category set block
  - comparison required - string
  - value required - string
- threat_intel_indicator_last_observed_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- threat_intel_indicator_source set block
  - comparison required - string
  - value required - string
- threat_intel_indicator_source_url set block
  - comparison required - string
  - value required - string
- threat_intel_indicator_type set block
  - comparison required - string
  - value required - string
- threat_intel_indicator_value set block
  - comparison required - string
  - value required - string
- title set block
  - comparison required - string
  - value required - string
- type set block
  - comparison required - string
  - value required - string
- updated_at set block
  - end optional - string
  - start optional - string
  - date_range list block
    - unit required - string
    - value required - number
- user_defined_values set block
  - comparison required - string
  - key required - string
  - value required - string
- verification_state set block
  - comparison required - string
  - value required - string
- workflow_status set block
  - comparison required - string
  - value required - string

>> from Terraform Registry

Explanation in Terraform Registry

Provides a Security Hub custom insight resource. See the Managing custom insights section of the AWS User Guide for more information.

>> from Terraform Registry

CloudFormation Example

CloudFormation code does not have the related resource.

The Other Related AWS Security Hub Resources

AWS Security Hub Account

AWS Security Hub Action Target

AWS Security Hub Invite Accepter

AWS Security Hub Member

AWS Security Hub Organization ADMin Account

AWS Security Hub Organization Configuration

AWS Security Hub Product Subscription

AWS Security Hub Standards Control

AWS Security Hub Standards Subscription

Frequently asked questions

What is AWS Security Hub Insight?

AWS Security Hub Insight is a resource for Security Hub of Amazon Web Service. Settings can be wrote in Terraform.

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

aws_securityhub_insight
Frequently asked questions