| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| auto_enable_controls | Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to true, and new controls are enabled automatically. To not automatically enable new controls, set this to false. |
bool |
true |
no |
| control_finding_generator | Updates whether the calling account has consolidated control findings turned on. If the value for this field is set to SECURITY_CONTROL, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to STANDARD_CONTROL, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. For accounts that are part of an organization, this value can only be updated in the administrator account. |
string |
null |
no |
| enable | Set to false to prevent the module from creating any resources. | bool |
true |
no |
| enable_default_standards | Flag to indicate whether default standards should be enabled | bool |
true |
no |
| enabled_products | The possible values are: - product/aws/guardduty - product/aws/inspector - product/aws/macie |
list(any) |
[] |
no |
| enabled_standards | The possible values are: - standards/aws-foundational-security-best-practices/v/1.0.0 - ruleset/cis-aws-foundations-benchmark/v/1.2.0 - standards/pci-dss/v/3.2.1 |
list(any) |
[] |
no |
| member_details | n/a | list(object({ |
[] |
no |
| name | n/a | string |
"" |
no |
| security_hub_enabled | To Enable seucirty-hub in aws account | bool |
true |
no |
| Name | Description |
|---|---|
| id | The ID of the secuirty hub. |