Skip to content
Alchemy
GitHubXDiscordRSS

Insight

Learn how to create, update, and manage AWS SecurityHub Insights using Alchemy Cloud Control.

The Insight resource lets you manage AWS SecurityHub Insights for aggregating and analyzing security findings within your AWS account.

Minimal Example

Section titled “Minimal Example”

Create a basic SecurityHub Insight with required properties:

import AWS from "alchemy/aws/control";


const securityInsight = await AWS.SecurityHub.Insight("basicInsight", {
  filters: {
    ProductArn: {
      "equals": "arn:aws:securityhub:us-east-1::product/aws/securityhub"
    },
    SeverityLabel: {
      "equals": "HIGH"
    }
  },
  groupByAttribute: "ResourceType",
  name: "High Severity Insights",
  adopt: true
});

Advanced Configuration

Section titled “Advanced Configuration”

Configure an Insight with more complex filter settings for detailed analysis:

const advancedInsight = await AWS.SecurityHub.Insight("advancedInsight", {
  filters: {
    ProductArn: {
      "equals": "arn:aws:securityhub:us-east-1::product/aws/securityhub"
    },
    SeverityLabel: {
      "equals": "MEDIUM"
    },
    ResourceType: {
      "equals": "AWS::EC2::Instance"
    }
  },
  groupByAttribute: "AccountId",
  name: "Medium Severity EC2 Insights",
  adopt: true
});

Resource Type Aggregation

Section titled “Resource Type Aggregation”

Create an Insight that groups findings by resource type for better visibility:

const resourceTypeInsight = await AWS.SecurityHub.Insight("resourceTypeInsight", {
  filters: {
    ProductArn: {
      "equals": "arn:aws:securityhub:us-east-1::product/aws/securityhub"
    },
    SeverityLabel: {
      "equals": "LOW"
    }
  },
  groupByAttribute: "ResourceType",
  name: "Low Severity Resource Type Insights",
  adopt: false
});

Multi-Account Insights

Section titled “Multi-Account Insights”

Set up an Insight that aggregates findings across multiple AWS accounts:

const multiAccountInsight = await AWS.SecurityHub.Insight("multiAccountInsight", {
  filters: {
    ProductArn: {
      "equals": "arn:aws:securityhub:us-east-1::product/aws/securityhub"
    },
    SeverityLabel: {
      "equals": "CRITICAL"
    }
  },
  groupByAttribute: "AccountId",
  name: "Critical Severity Multi-Account Insights",
  adopt: true
});