hub_tags
Expands all tag keys and values for hubs in a region
Overview
| Name | hub_tags |
| Type | Resource |
| Description | The AWS::SecurityHub::Hub resource represents the implementation of the AWS Security Hub service in your account. One hub resource is created for each Region in which you enable Security Hub. |
| Id | aws.securityhub.hub_tags |
Fields
| Name | Datatype | Description |
|---|---|---|
arn | string | An ARN is automatically created for the customer. |
enable_default_standards | boolean | Whether to enable the security standards that Security Hub has designated as automatically enabled. |
control_finding_generator | string | This field, used when enabling Security Hub, specifies whether the calling account has consolidated control findings turned on. If the value for this field is set to SECURITY_CONTROL, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to STANDARD_CONTROL, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. |
auto_enable_controls | boolean | Whether to automatically enable new controls when they are added to standards that are enabled |
subscribed_at | string | The date and time when Security Hub was enabled in the account. |
tag_key | string | Tag key. |
tag_value | string | Tag value. |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
list_resources | SELECT | region |
SELECT examples
Expands tags for all hubs in a region.
SELECT
region,
arn,
enable_default_standards,
control_finding_generator,
auto_enable_controls,
subscribed_at,
tag_key,
tag_value
FROM aws.securityhub.hub_tags
WHERE region = 'us-east-1';
Permissions
For permissions required to operate on the hub_tags resource, see hubs