Skip to main content

🧠 AWS Account Security Hub is not enabled - prod.logic.yaml 🟠🟒

Flags​

Input Type​

TypeAPI NameExtractsExtract FilesLogic Files
πŸ”’πŸ“• AWS AccountCA10__CaAwsAccount__c1111

Uses​

Test Results πŸŸ’β€‹

Generated at: 2025-04-24T23:44:14.012051842Z Open

ResultIdCondition IndexCondition TextRuntime Error
🟒test1βœ”οΈ 199βœ”οΈ CA10A1__AWS_Security_Hubs__r.has(COMPLIANT)βœ”οΈ null
🟒test2βœ”οΈ 200βœ”οΈ otherwiseβœ”οΈ null
🟒test3βœ”οΈ 200βœ”οΈ otherwiseβœ”οΈ null

Generation​

FileMD5
Open/ce/ca/aws/account/security-hub/policy.yamlA5489B2CA5FFEEA6F7078609BE07AFD9
Open/ce/ca/aws/account/security-hub/prod.logic.yamlE9072C659E30F85B4B0E176D6ACFECFD
Open/ce/ca/aws/account/security-hub/test-data.json6547719279B6088D0E135CCC1DC2A1DB

Generate FULL script​

java -jar repo-manager.jar policies generate FULL /ce/ca/aws/account/security-hub/prod.logic.yaml

Generate DEBUG script​

java -jar repo-manager.jar policies generate DEBUG /ce/ca/aws/account/security-hub/prod.logic.yaml

Generate CAPTURE_TEST_DATA script​

java -jar repo-manager.jar policies generate CAPTURE_TEST_DATA /ce/ca/aws/account/security-hub/prod.logic.yaml

Generate TESTS script​

java -jar repo-manager.jar policies generate TESTS /ce/ca/aws/account/security-hub/prod.logic.yaml

Execute tests​

java -jar repo-manager.jar policies test /ce/ca/aws/account/security-hub/prod.logic.yaml

Content​

Open File

---
inputType: "CA10__CaAwsAccount__c"
testData:
  - file: "test-data.json"
conditions:
  - status: "COMPLIANT"
    currentStateMessage: "Security Hub is enabled."
    check:
      RELATED_LIST_HAS:
        status: "COMPLIANT"
        relationshipName: "CA10A1__AWS_Security_Hubs__r"
otherwise:
  status: "INCOMPLIANT"
  currentStateMessage: "Security Hub is disabled."
  remediationMessage: "Consider enabling Security Hub in all regions."
relatedLists:
  - relationshipName: "CA10A1__AWS_Security_Hubs__r"
    conditions: []
    otherwise:
      status: "COMPLIANT"
      currentStateMessage: "Security Hub is enabled."