Package com.pulumi.aws.securityhub
Class OrganizationConfiguration
- java.lang.Object
-
- com.pulumi.resources.Resource
-
- com.pulumi.resources.CustomResource
-
- com.pulumi.aws.securityhub.OrganizationConfiguration
-
public class OrganizationConfiguration extends com.pulumi.resources.CustomResourceManages the Security Hub Organization Configuration. > **NOTE:** This resource requires an `aws.securityhub.OrganizationAdminAccount` to be configured (not necessarily with Pulumi). More information about managing Security Hub in an organization can be found in the [Managing administrator and member accounts](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts.html) documentation. > **NOTE:** In order to set the `configuration_type` to `CENTRAL`, the delegated admin must be a member account of the organization and not the management account. Central configuration also requires an `aws.securityhub.FindingAggregator` to be configured. > **NOTE:** This is an advanced AWS resource. Pulumi will automatically assume management of the Security Hub Organization Configuration without import and perform no actions on removal from the Pulumi program. > **NOTE:** Deleting this resource resets security hub to a local organization configuration with auto enable false. ## Example Usage ### Local Configuration <!--Start PulumiCodeChooser --> ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.organizations.Organization; import com.pulumi.aws.organizations.OrganizationArgs; import com.pulumi.aws.securityhub.OrganizationAdminAccount; import com.pulumi.aws.securityhub.OrganizationAdminAccountArgs; import com.pulumi.aws.securityhub.OrganizationConfiguration; import com.pulumi.aws.securityhub.OrganizationConfigurationArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var example = new Organization("example", OrganizationArgs.builder() .awsServiceAccessPrincipals("securityhub.amazonaws.com") .featureSet("ALL") .build()); var exampleOrganizationAdminAccount = new OrganizationAdminAccount("exampleOrganizationAdminAccount", OrganizationAdminAccountArgs.builder() .adminAccountId("123456789012") .build()); var exampleOrganizationConfiguration = new OrganizationConfiguration("exampleOrganizationConfiguration", OrganizationConfigurationArgs.builder() .autoEnable(true) .build()); } } ``` <!--End PulumiCodeChooser --> ### Central Configuration <!--Start PulumiCodeChooser --> ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.aws.securityhub.OrganizationAdminAccount; import com.pulumi.aws.securityhub.OrganizationAdminAccountArgs; import com.pulumi.aws.securityhub.FindingAggregator; import com.pulumi.aws.securityhub.FindingAggregatorArgs; import com.pulumi.aws.securityhub.OrganizationConfiguration; import com.pulumi.aws.securityhub.OrganizationConfigurationArgs; import com.pulumi.aws.securityhub.inputs.OrganizationConfigurationOrganizationConfigurationArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var example = new OrganizationAdminAccount("example", OrganizationAdminAccountArgs.builder() .adminAccountId("123456789012") .build()); var exampleFindingAggregator = new FindingAggregator("exampleFindingAggregator", FindingAggregatorArgs.builder() .linkingMode("ALL_REGIONS") .build()); var exampleOrganizationConfiguration = new OrganizationConfiguration("exampleOrganizationConfiguration", OrganizationConfigurationArgs.builder() .autoEnable(false) .autoEnableStandards("NONE") .organizationConfiguration(OrganizationConfigurationOrganizationConfigurationArgs.builder() .configurationType("CENTRAL") .build()) .build()); } } ``` <!--End PulumiCodeChooser --> ## Import Using `pulumi import`, import an existing Security Hub enabled account using the AWS account ID. For example: ```sh $ pulumi import aws:securityhub/organizationConfiguration:OrganizationConfiguration example 123456789012 ```
-
-
Constructor Summary
Constructors Constructor Description OrganizationConfiguration(java.lang.String name)OrganizationConfiguration(java.lang.String name, OrganizationConfigurationArgs args)OrganizationConfiguration(java.lang.String name, OrganizationConfigurationArgs args, com.pulumi.resources.CustomResourceOptions options)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description com.pulumi.core.Output<java.lang.Boolean>autoEnable()com.pulumi.core.Output<java.lang.String>autoEnableStandards()static OrganizationConfigurationget(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, OrganizationConfigurationState state, com.pulumi.resources.CustomResourceOptions options)Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.com.pulumi.core.Output<OrganizationConfigurationOrganizationConfiguration>organizationConfiguration()
-
-
-
Constructor Detail
-
OrganizationConfiguration
public OrganizationConfiguration(java.lang.String name)
- Parameters:
name- The _unique_ name of the resulting resource.
-
OrganizationConfiguration
public OrganizationConfiguration(java.lang.String name, OrganizationConfigurationArgs args)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.
-
OrganizationConfiguration
public OrganizationConfiguration(java.lang.String name, OrganizationConfigurationArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options)- Parameters:
name- The _unique_ name of the resulting resource.args- The arguments to use to populate this resource's properties.options- A bag of options that control this resource's behavior.
-
-
Method Detail
-
autoEnable
public com.pulumi.core.Output<java.lang.Boolean> autoEnable()
- Returns:
- Whether to automatically enable Security Hub for new accounts in the organization.
-
autoEnableStandards
public com.pulumi.core.Output<java.lang.String> autoEnableStandards()
- Returns:
- Whether to automatically enable Security Hub default standards for new member accounts in the organization. By default, this parameter is equal to `DEFAULT`, and new member accounts are automatically enabled with default Security Hub standards. To opt out of enabling default standards for new member accounts, set this parameter equal to `NONE`.
-
organizationConfiguration
public com.pulumi.core.Output<OrganizationConfigurationOrganizationConfiguration> organizationConfiguration()
- Returns:
- Provides information about the way an organization is configured in Security Hub.
-
get
public static OrganizationConfiguration get(java.lang.String name, com.pulumi.core.Output<java.lang.String> id, @Nullable OrganizationConfigurationState state, @Nullable com.pulumi.resources.CustomResourceOptions options)
Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.- Parameters:
name- The _unique_ name of the resulting resource.id- The _unique_ provider ID of the resource to lookup.state-options- Optional settings to control the behavior of the CustomResource.
-
-