Resource: awsSecurityhubFindingAggregator

Manages a Security Hub finding aggregator. Security Hub must be enabled in a region for the aggregator to pull findings through from it.

Example Usage

All Regions Usage

The following example will enable the aggregator for every region.

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsSecurityhubAccountExample =
  new aws.securityhubAccount.SecurityhubAccount(this, "example", {});
const awsSecurityhubFindingAggregatorExample =
  new aws.securityhubFindingAggregator.SecurityhubFindingAggregator(
    this,
    "example_1",
    {
      // Security Hub must be enabled before the aggregator is created.
      dependsOn: [awsSecurityhubAccountExample],
      linkingMode: "ALL_REGIONS",
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSecurityhubFindingAggregatorExample.overrideLogicalId("example");

All Regions Except Specified Regions Usage

The following example will enable the aggregator for every region except those specified in specifiedRegions.

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsSecurityhubAccountExample =
  new aws.securityhubAccount.SecurityhubAccount(this, "example", {});
const awsSecurityhubFindingAggregatorExample =
  new aws.securityhubFindingAggregator.SecurityhubFindingAggregator(
    this,
    "example_1",
    {
      // Security Hub must be enabled before the aggregator is created.
      dependsOn: [awsSecurityhubAccountExample],
      linkingMode: "ALL_REGIONS_EXCEPT_SPECIFIED",
      specifiedRegions: ["eu-west-1", "eu-west-2"],
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSecurityhubFindingAggregatorExample.overrideLogicalId("example");

Specified Regions Usage

The following example will enable the aggregator for every region specified in specifiedRegions.

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsSecurityhubAccountExample =
  new aws.securityhubAccount.SecurityhubAccount(this, "example", {});
const awsSecurityhubFindingAggregatorExample =
  new aws.securityhubFindingAggregator.SecurityhubFindingAggregator(
    this,
    "example_1",
    {
      // Security Hub must be enabled before the aggregator is created.
      dependsOn: [awsSecurityhubAccountExample],
      linkingMode: "SPECIFIED_REGIONS",
      specifiedRegions: ["eu-west-1", "eu-west-2"],
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSecurityhubFindingAggregatorExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

  • linkingMode - (Required) Indicates whether to aggregate findings from all of the available Regions or from a specified list. The options are ALL_REGIONS, ALL_REGIONS_EXCEPT_SPECIFIED or SPECIFIED_REGIONS. When ALL_REGIONS or ALL_REGIONS_EXCEPT_SPECIFIED is used, Security Hub will automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.
  • specifiedRegions - (Optional) List of regions to include or exclude (required if linkingMode is set to ALL_REGIONS_EXCEPT_SPECIFIED or SPECIFIED_REGIONS).
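
The following pre-deployment check is an added example, not part of the provider or its generated bindings. It applies the linkingMode and specifiedRegions rules above to show which regions end up outside the aggregated view. The names AggregatorPlan, Coverage and planCoverage are hypothetical, the region lists are constructed sample input, and the model is simplified in that it does not treat the aggregation region separately.

```typescript
// Added example: AggregatorPlan, Coverage and planCoverage are hypothetical names.
type LinkingMode = "ALL_REGIONS" | "ALL_REGIONS_EXCEPT_SPECIFIED" | "SPECIFIED_REGIONS";

interface AggregatorPlan {
  linkingMode: LinkingMode;
  specifiedRegions?: string[];
}

interface Coverage {
  errors: string[];        // argument combinations the reference above rules out
  linked: string[];        // regions the aggregator links
  noFindings: string[];    // linked, but Security Hub is not enabled there
  notAggregated: string[]; // Security Hub enabled, but left out of aggregation
}

// optedIn: regions the account has opted into (supplied by the caller).
// hubEnabled: regions where Security Hub is enabled (supplied by the caller).
function planCoverage(plan: AggregatorPlan, optedIn: string[], hubEnabled: string[]): Coverage {
  const listed = plan.specifiedRegions || [];
  const errors: string[] = [];
  if (plan.linkingMode !== "ALL_REGIONS" && listed.length === 0) {
    errors.push("specifiedRegions is required when linkingMode is " + plan.linkingMode);
  }
  let linked: string[];
  if (plan.linkingMode === "SPECIFIED_REGIONS") {
    linked = listed.slice();
  } else if (plan.linkingMode === "ALL_REGIONS_EXCEPT_SPECIFIED") {
    linked = optedIn.filter((r) => listed.indexOf(r) === -1);
  } else {
    linked = optedIn.slice();
  }
  return {
    errors,
    linked,
    noFindings: linked.filter((r) => hubEnabled.indexOf(r) === -1),
    notAggregated: hubEnabled.filter((r) => linked.indexOf(r) === -1),
  };
}

// Constructed sample: three opted-in regions, Security Hub enabled in two of them.
const sampleCoverage = planCoverage(
  { linkingMode: "ALL_REGIONS_EXCEPT_SPECIFIED", specifiedRegions: ["us-east-1"] },
  ["eu-west-1", "eu-west-2", "us-east-1"],
  ["eu-west-1", "us-east-1"]
);
console.log(JSON.stringify(sampleCoverage, null, 2));
```

A non-empty noFindings list means a linked region will contribute nothing until Security Hub is enabled there, and a non-empty notAggregated list means findings exist that the aggregator will not collect.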

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • arn - Amazon Resource Name (ARN) of the Security Hub finding aggregator.

Import

An existing Security Hub finding aggregator can be imported using the arn, e.g.,

$ terraform import aws_securityhub_finding_aggregator.example arn:aws:securityhub:eu-west-1:123456789098:finding-aggregator/abcd1234-abcd-1234-1234-abcdef123456