Security Hub Configuration Policy

Docs > DDSQL Reference > Data Directory > Security Hub Configuration Policy

Security Hub Configuration Policy in AWS defines the settings and controls applied to an account or organization within AWS Security Hub. It allows centralized management of security standards, control enablement, and configuration across multiple accounts. This resource helps ensure consistent security posture, compliance enforcement, and streamlined governance by applying policies at scale.

aws.securityhub_configuration_policy

Fields

ID	Type	Data Type	Description
_key	core	string
account_id	core	string
arn	core	string	The ARN of the configuration policy.
configuration_policy	core	json	An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If the policy includes a list of security controls that are enabled, Security Hub disables all other controls (including newly released controls). If the policy includes a list of security controls that are disabled, Security Hub enables all other controls (including newly released controls).
created_at	core	timestamp	The date and time, in UTC and ISO 8601 format, that the configuration policy was created.
description	core	string	The description of the configuration policy.
id	core	string	The UUID of the configuration policy.
name	core	string	The name of the configuration policy.
tags	core	hstore
updated_at	core	timestamp	The date and time, in UTC and ISO 8601 format, that the configuration policy was last updated.