AWS::SecurityHub::Hub

The AWS::SecurityHub::Hub resource represents the implementation of the Amazon Security Hub service in your account. One hub resource is created for each Region in which you enable Security Hub.

The CIS Amazon Foundations Benchmark standard and the Foundational Security Best Practices standard are also enabled in each Region where you enable Security Hub.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

{
  "Type" : "AWS::SecurityHub::Hub",
  "Properties" : {
      "Tags" : Json
    }
}

Type: AWS::SecurityHub::Hub
Properties: 
  Tags: Json

Properties

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Reffunction, Refreturns the HubArn for the hub resource created, such as arn:aws:securityhub:us-east-1:12345678910:hub/default.

For more information about using the Reffunction, see Ref.

Examples

Declare a Hub Resource

The following example shows how to declare a Security Hub Hub resource:

{
    "Description": "Example Hub with Tags",
    "Resources": {
        "ExampleHubWithTags": {
            "Type": "AWS::SecurityHub::Hub",
            "Properties": {
                "Tags": {
                    "key1": "value1",
                    "key2": "value2"
                }
            }
        }
    },
    "Outputs": {
        "HubArn": {
            "Value": {
                "Ref": "ExampleHubWithTags"
            }
        }
    }
}

Description: Example Hub with Tags
Resources:
  ExampleHubWithTags:
    Type: 'AWS::SecurityHub::Hub'
    Properties:
      Tags:
        key1: value1
        key2: value2
Outputs:
  HubArn:
    Value: !Ref ExampleHubWithTags