/* * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. * A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing * permissions and limitations under the License. */ /* * Do not modify this file. This file is generated from the auditmanager-2017-07-25.normal.json service model. */ using System; using System.Collections.Generic; using System.Xml.Serialization; using System.Text; using System.IO; using System.Net; using Amazon.Runtime; using Amazon.Runtime.Internal; namespace Amazon.AuditManager.Model { ///

/// A keyword that relates to the control data source. /// /// /// /// For manual evidence, this keyword indicates if the manual evidence is a file or text. /// /// /// /// For automated evidence, this keyword identifies a specific CloudTrail event, Config /// rule, Security Hub control, or Amazon Web Services API name. /// /// /// /// To learn more about the supported keywords that you can use when mapping a control /// data source, see the following pages in the Audit Manager User Guide: /// ///

/// /// Config /// rules supported by Audit Manager /// ///
/// /// Security /// Hub controls supported by Audit Manager /// ///
/// /// API /// calls supported by Audit Manager /// ///
/// /// CloudTrail /// event names supported by Audit Manager /// ///

///

public partial class SourceKeyword { private KeywordInputType _keywordInputType; private string _keywordValue; ///

/// Gets and sets the property KeywordInputType. /// /// The input method for the keyword. /// ///

/// /// SELECT_FROM_LIST is used when mapping a data source for automated evidence. /// ///
- /// /// When keywordInputType is SELECT_FROM_LIST, a keyword must /// be selected to collect automated evidence. For example, this keyword can be a CloudTrail /// event name, a rule name for Config, a Security Hub control, or the name of an Amazon /// Web Services API call. /// ///
/// /// UPLOAD_FILE and INPUT_TEXT are only used when mapping a /// data source for manual evidence. /// ///
- /// /// When keywordInputType is UPLOAD_FILE, a file must be uploaded /// as manual evidence. /// ///
- /// /// When keywordInputType is INPUT_TEXT, text must be entered /// as manual evidence. /// ///

///

public KeywordInputType KeywordInputType { get { return this._keywordInputType; } set { this._keywordInputType = value; } } // Check to see if KeywordInputType property is set internal bool IsSetKeywordInputType() { return this._keywordInputType != null; } ///

/// Gets and sets the property KeywordValue. /// /// The value of the keyword that's used when mapping a control data source. For example, /// this can be a CloudTrail event name, a rule name for Config, a Security Hub control, /// or the name of an Amazon Web Services API call. /// /// /// /// If you’re mapping a data source to a rule in Config, the keywordValue /// that you specify depends on the type of rule: /// ///

/// /// For managed /// rules, you can use the rule identifier as the keywordValue. You can /// find the rule identifier from the list /// of Config managed rules. For some rules, the rule identifier is different from /// the rule name. For example, the rule name restricted-ssh has the following /// rule identifier: INCOMING_SSH_DISABLED. Make sure to use the rule identifier, /// not the rule name. /// /// /// /// Keyword example for managed rules: /// ///
- /// /// Managed rule name: s3-bucket-acl-prohibited /// /// /// /// /// keywordValue: S3_BUCKET_ACL_PROHIBITED /// ///
/// /// For custom /// rules, you form the keywordValue by adding the Custom_ /// prefix to the rule name. This prefix distinguishes the custom rule from a managed /// rule. /// /// /// /// Keyword example for custom rules: /// ///
- /// /// Custom rule name: my-custom-config-rule /// /// /// /// keywordValue: Custom_my-custom-config-rule /// ///
/// /// For service-linked /// rules, you form the keywordValue by adding the Custom_ /// prefix to the rule name. In addition, you remove the suffix ID that appears at the /// end of the rule name. /// /// /// /// Keyword examples for service-linked rules: /// ///
- /// /// Service-linked rule name: CustomRuleForAccount-conformance-pack-szsm1uv0w /// /// /// /// keywordValue: Custom_CustomRuleForAccount-conformance-pack /// /// ///
- /// /// Service-linked rule name: OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba /// /// /// /// keywordValue: Custom_OrgConfigRule-s3-bucket-versioning-enabled /// /// ///

/// /// The keywordValue is case sensitive. If you enter a value incorrectly, /// Audit Manager might not recognize the data source mapping. As a result, you might /// not successfully collect evidence from that data source as intended. /// /// /// /// Keep in mind the following requirements, depending on the data source type that you're /// using. /// ///

/// /// For Config: /// ///
- /// /// For managed rules, make sure that the keywordValue is the rule identifier /// in ALL_CAPS_WITH_UNDERSCORES. For example, CLOUDWATCH_LOG_GROUP_ENCRYPTED. /// For accuracy, we recommend that you reference the list of supported /// Config managed rules. /// ///
- /// /// For custom rules, make sure that the keywordValue has the Custom_ /// prefix followed by the custom rule name. The format of the custom rule name itself /// may vary. For accuracy, we recommend that you visit the Config /// console to verify your custom rule name. /// ///
/// /// For Security Hub: The format varies for Security Hub control names. For accuracy, /// we recommend that you reference the list of supported /// Security Hub controls. /// ///
/// /// For Amazon Web Services API calls: Make sure that the keywordValue is /// written as serviceprefix_ActionName. For example, iam_ListGroups. /// For accuracy, we recommend that you reference the list of supported /// API calls. /// ///
/// /// For CloudTrail: Make sure that the keywordValue is written as serviceprefix_ActionName. /// For example, cloudtrail_StartLogging. For accuracy, we recommend that /// you review the Amazon Web Service prefix and action names in the Service /// Authorization Reference. /// ///

///

[AWSProperty(Min=1, Max=100)] public string KeywordValue { get { return this._keywordValue; } set { this._keywordValue = value; } } // Check to see if KeywordValue property is set internal bool IsSetKeywordValue() { return this._keywordValue != null; } } }