finding_aggregators
Creates, updates, deletes or gets a finding_aggregator resource or lists finding_aggregators in a region
Overview
| Name | finding_aggregators |
| Type | Resource |
| Description | The AWS::SecurityHub::FindingAggregator resource represents the AWS Security Hub Finding Aggregator in your account. One finding aggregator resource is created for each account in non opt-in region in which you configure region linking mode. |
| Id | aws.securityhub.finding_aggregators |
Fields
| Name | Datatype | Description |
|---|---|---|
finding_aggregator_arn | string | The ARN of the FindingAggregator being created and assigned as the unique identifier |
region_linking_mode | string | Indicates whether to link all Regions, all Regions except for a list of excluded Regions, or a list of included Regions |
regions | array | The list of excluded Regions or included Regions |
finding_aggregation_region | string | The aggregation Region of the FindingAggregator |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | RegionLinkingMode, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all finding_aggregators in a region.
SELECT
region,
finding_aggregator_arn,
region_linking_mode,
regions,
finding_aggregation_region
FROM aws.securityhub.finding_aggregators
WHERE region = 'us-east-1';
Gets all properties from an individual finding_aggregator.
SELECT
region,
finding_aggregator_arn,
region_linking_mode,
regions,
finding_aggregation_region
FROM aws.securityhub.finding_aggregators
WHERE region = 'us-east-1' AND data__Identifier = '<FindingAggregatorArn>';
INSERT example
Use the following StackQL query and manifest file to create a new finding_aggregator resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.securityhub.finding_aggregators (
RegionLinkingMode,
region
)
SELECT
'{{ RegionLinkingMode }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.securityhub.finding_aggregators (
RegionLinkingMode,
Regions,
region
)
SELECT
'{{ RegionLinkingMode }}',
'{{ Regions }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: finding_aggregator
props:
- name: RegionLinkingMode
value: '{{ RegionLinkingMode }}'
- name: Regions
value:
- '{{ Regions[0] }}'
DELETE example
/*+ delete */
DELETE FROM aws.securityhub.finding_aggregators
WHERE data__Identifier = '<FindingAggregatorArn>'
AND region = 'us-east-1';
Permissions
To operate on the finding_aggregators resource, the following permissions are required:
Create
securityhub:CreateFindingAggregator
Read
securityhub:GetFindingAggregator
Update
securityhub:UpdateFindingAggregator
Delete
securityhub:DeleteFindingAggregator
List
securityhub:ListFindingAggregators