Resource: awsSecurityhubOrganizationAdminAccount
Manages a Security Hub administrator account for an organization. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in Security Hub can be found in the Security Hub User Guide.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsOrganizationsOrganizationExample =
new aws.organizationsOrganization.OrganizationsOrganization(this, "example", {
awsServiceAccessPrincipals: ["securityhub.amazonaws.com"],
featureSet: "ALL",
});
const awsSecurityhubAccountExample =
new aws.securityhubAccount.SecurityhubAccount(this, "example_1", {});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSecurityhubAccountExample.overrideLogicalId("example");
const awsSecurityhubOrganizationAdminAccountExample =
new aws.securityhubOrganizationAdminAccount.SecurityhubOrganizationAdminAccount(
this,
"example_2",
{
adminAccountId: "123456789012",
depends_on: [`\${${awsOrganizationsOrganizationExample.fqn}}`],
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSecurityhubOrganizationAdminAccountExample.overrideLogicalId("example");
const awsSecurityhubOrganizationConfigurationExample =
new aws.securityhubOrganizationConfiguration.SecurityhubOrganizationConfiguration(
this,
"example_3",
{
autoEnable: true,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSecurityhubOrganizationConfigurationExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
adminAccountId
- (Required) The AWS account identifier of the account to designate as the Security Hub administrator account.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
id
- AWS account identifier.
Import
Security Hub Organization Admin Accounts can be imported using the AWS account ID, e.g.,