Resource: awsSecurityhubProductSubscription
Subscribes to a Security Hub product.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsSecurityhubAccountExample =
new aws.securityhubAccount.SecurityhubAccount(this, "example", {});
const dataAwsRegionCurrent = new aws.dataAwsRegion.DataAwsRegion(
this,
"current",
{}
);
const awsSecurityhubProductSubscriptionExample =
new aws.securityhubProductSubscription.SecurityhubProductSubscription(
this,
"example_2",
{
depends_on: [`\${${awsSecurityhubAccountExample.fqn}}`],
productArn: `arn:aws:securityhub:\${${dataAwsRegionCurrent.name}}:733251395267:product/alertlogic/althreatmanagement`,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSecurityhubProductSubscriptionExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
productArn- (Required) The ARN of the product that generates findings that you want to import into Security Hub - see below.
Amazon maintains a list of Product integrations in AWS Security Hub that changes over time. Any of the products on the linked Available AWS service integrations or Available third-party partner product integrations can be configured using awsSecurityhubProductSubscription.
Available products can also be listed by running the AWS CLI command awsSecurityhubDescribeProducts.
A subset of currently available products (remember to replace ${varRegion} as appropriate) includes:
arn:aws:securityhub:${varRegion}::product/aws/guarddutyarn:aws:securityhub:${varRegion}::product/aws/inspectorarn:aws:securityhub:${varRegion}::product/aws/maciearn:aws:securityhub:${varRegion}::product/alertlogic/althreatmanagementarn:aws:securityhub:${varRegion}::product/armordefense/armoranywherearn:aws:securityhub:${varRegion}::product/barracuda/cloudsecurityguardianarn:aws:securityhub:${varRegion}::product/checkpoint/cloudguardIaasarn:aws:securityhub:${varRegion}::product/checkpoint/dome9Arcarn:aws:securityhub:${varRegion}::product/crowdstrike/crowdstrikeFalconarn:aws:securityhub:${varRegion}::product/cyberark/cyberarkPtaarn:aws:securityhub:${varRegion}::product/f5Networks/f5AdvancedWafarn:aws:securityhub:${varRegion}::product/fortinet/fortigatearn:aws:securityhub:${varRegion}::product/guardicore/awsInfectionMonkeyarn:aws:securityhub:${varRegion}::product/guardicore/guardicorearn:aws:securityhub:${varRegion}::product/ibm/qradarSiemarn:aws:securityhub:${varRegion}::product/imperva/impervaAttackAnalyticsarn:aws:securityhub:${varRegion}::product/mcafeeSkyhigh/mcafeeMvisionCloudAwsarn:aws:securityhub:${varRegion}::product/paloaltonetworks/redlockarn:aws:securityhub:${varRegion}::product/paloaltonetworks/vmSeriesarn:aws:securityhub:${varRegion}::product/qualys/qualysPcarn:aws:securityhub:${varRegion}::product/qualys/qualysVmarn:aws:securityhub:${varRegion}::product/rapid7/insightvmarn:aws:securityhub:${varRegion}::product/sophos/sophosServerProtectionarn:aws:securityhub:${varRegion}::product/splunk/splunkEnterprisearn:aws:securityhub:${varRegion}::product/splunk/splunkPhantomarn:aws:securityhub:${varRegion}::product/sumologicinc/sumologicMdaarn:aws:securityhub:${varRegion}::product/symantecCorp/symantecCwparn:aws:securityhub:${varRegion}::product/tenable/tenableIoarn:aws:securityhub:${varRegion}::product/trendMicro/deepSecurityarn:aws:securityhub:${varRegion}::product/turbot/turbotarn:aws:securityhub:${varRegion}::product/twistlock/twistlockEnterprise
Attributes Reference
In addition to all arguments above, the following attributes are exported:
arn- The ARN of a resource that represents your subscription to the product that generates the findings that you want to import into Security Hub.
Import
Security Hub product subscriptions can be imported in the form productArn,arn, e.g.,