updateConfigurationPolicy
abstract suspend fun updateConfigurationPolicy(input: UpdateConfigurationPolicyRequest): UpdateConfigurationPolicyResponse
Updates a configuration policy. Only the Security Hub delegated administrator can invoke this operation from the home Region.
Samples
import aws.sdk.kotlin.services.securityhub.model.ParameterConfiguration
import aws.sdk.kotlin.services.securityhub.model.ParameterValue
import aws.sdk.kotlin.services.securityhub.model.ParameterValueType
import aws.sdk.kotlin.services.securityhub.model.Policy
import aws.sdk.kotlin.services.securityhub.model.SecurityControlCustomParameter
import aws.sdk.kotlin.services.securityhub.model.SecurityControlsConfiguration
import aws.sdk.kotlin.services.securityhub.model.SecurityHubPolicy
fun main() {
//sampleStart
// This operation updates the specified configuration policy.
val resp = securityHubClient.updateConfigurationPolicy {
identifier = "arn:aws:securityhub:us-east-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111"
name = "TestConfigurationPolicy"
description = "Updated configuration policy for testing FSBP and CIS"
updatedReason = "Enabling ACM.2"
configurationPolicy = Policy.SecurityHub(SecurityHubPolicy {
serviceEnabled = true
enabledStandardIdentifiers = listOf<String>(
"arn:aws:securityhub:us-east-1::standards/aws-foundational-security-best-practices/v/1.0.0",
"arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"
)
securityControlsConfiguration = SecurityControlsConfiguration {
disabledSecurityControlIdentifiers = listOf<String>(
"CloudWatch.1",
"CloudWatch.2"
)
securityControlCustomParameters = listOf<SecurityControlCustomParameter>(
SecurityControlCustomParameter {
securityControlId = "ACM.1"
parameters = mapOf<String, ParameterConfiguration>(
"daysToExpiration" to ParameterConfiguration {
valueType = ParameterValueType.fromValue("CUSTOM")
value = ParameterValue.Integer(21)
}
)
}
)
}
}
)
}
//sampleEnd
}