Update Configuration Policy
| securityhub_update_configuration_policy | R Documentation |
Updates a configuration policy¶
Description¶
Updates a configuration policy. Only the Security Hub delegated administrator can invoke this operation from the home Region.
Usage¶
securityhub_update_configuration_policy(Identifier, Name, Description,
UpdatedReason, ConfigurationPolicy)
Arguments¶
Identifier[required] The Amazon Resource Name (ARN) or universally unique identifier (UUID) of the configuration policy.
NameThe name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted:
-, ., !, *, /.DescriptionThe description of the configuration policy.
UpdatedReasonThe reason for updating the configuration policy.
ConfigurationPolicyAn object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
When updating a configuration policy, provide a complete list of standards that you want to enable and a complete list of controls that you want to enable or disable. The updated configuration replaces the current configuration.
Value¶
A list with the following syntax:
list(
Arn = "string",
Id = "string",
Name = "string",
Description = "string",
UpdatedAt = as.POSIXct(
"2015-01-01"
),
CreatedAt = as.POSIXct(
"2015-01-01"
),
ConfigurationPolicy = list(
SecurityHub = list(
ServiceEnabled = TRUE|FALSE,
EnabledStandardIdentifiers = list(
"string"
),
SecurityControlsConfiguration = list(
EnabledSecurityControlIdentifiers = list(
"string"
),
DisabledSecurityControlIdentifiers = list(
"string"
),
SecurityControlCustomParameters = list(
list(
SecurityControlId = "string",
Parameters = list(
list(
ValueType = "DEFAULT"|"CUSTOM",
Value = list(
Integer = 123,
IntegerList = list(
123
),
Double = 123.0,
String = "string",
StringList = list(
"string"
),
Boolean = TRUE|FALSE,
Enum = "string",
EnumList = list(
"string"
)
)
)
)
)
)
)
)
)
)
Request syntax¶
svc$update_configuration_policy(
Identifier = "string",
Name = "string",
Description = "string",
UpdatedReason = "string",
ConfigurationPolicy = list(
SecurityHub = list(
ServiceEnabled = TRUE|FALSE,
EnabledStandardIdentifiers = list(
"string"
),
SecurityControlsConfiguration = list(
EnabledSecurityControlIdentifiers = list(
"string"
),
DisabledSecurityControlIdentifiers = list(
"string"
),
SecurityControlCustomParameters = list(
list(
SecurityControlId = "string",
Parameters = list(
list(
ValueType = "DEFAULT"|"CUSTOM",
Value = list(
Integer = 123,
IntegerList = list(
123
),
Double = 123.0,
String = "string",
StringList = list(
"string"
),
Boolean = TRUE|FALSE,
Enum = "string",
EnumList = list(
"string"
)
)
)
)
)
)
)
)
)
)
Examples¶
## Not run:
# This operation updates the specified configuration policy.
svc$update_configuration_policy(
ConfigurationPolicy = list(
SecurityHub = list(
EnabledStandardIdentifiers = list(
"arn:aws:securityhub:us-east-1::standards/aws-foundational-security...",
"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"
),
SecurityControlsConfiguration = list(
DisabledSecurityControlIdentifiers = list(
"CloudWatch.1",
"CloudWatch.2"
),
SecurityControlCustomParameters = list(
list(
Parameters = list(
daysToExpiration = list(
Value = list(
Integer = 21L
),
ValueType = "CUSTOM"
)
),
SecurityControlId = "ACM.1"
)
)
),
ServiceEnabled = TRUE
)
),
Description = "Updated configuration policy for testing FSBP and CIS",
Identifier = "arn:aws:securityhub:us-east-1:123456789012:configuration-po...",
Name = "TestConfigurationPolicy",
UpdatedReason = "Enabling ACM.2"
)
## End(Not run)