[Enhancement]: Created custom insight with account name filter #40848

Open
@tndrs

Description

We are currently using manually created CustomInsights that show findings over all environments, which are filtered by Account name prefixes:

Sample output from aws cli

aws securityhub get-insights --query "Insights[?Name=='MyCustomInsight']" --output json

            "AwsAccountName": [
                {
                    "Value": "myaccounts",
                    "Comparison": "PREFIX"
                }
            ]

The actual accounts are named myaccounts-dev, myaccounts-int, myaccounts-prod.

It currently does not seem possible to recreate this with the resource aws_securityhub_insight, since the option to filter by account name does not exist.
Putting the account IDs into the filter conditions instead is only a workaround.

Could this filter condition be implemented as well?

Affected Resource(s) and/or Data Source(s)

resource aws_securityhub_insight

Potential Terraform Configuration

resource "aws_securityhub_insight" "custom_insight" {
  name               = "MyCustomTFInsight"
  group_by_attribute = "ProductName"

  filters {
    # Requested filter block; not available in the provider at the time of this issue.
    account_name {
      comparison = "PREFIX"
      value      = "myaccounts"
    }
  }
}

References

https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_CreateInsight.html

Would you like to implement a fix?

No
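The account-ID workaround mentioned in the issue can be written so that the IDs are derived from the name prefix instead of being hard-coded. This is an added example, not part of the original issue or the provider's documentation; it assumes Terraform 1.3 or later (for `startswith`) and credentials that are allowed to read the AWS Organization, and the local names are hypothetical.

```hcl
# Added example: resolve the account-name prefix to account IDs at plan time
# and emit one aws_account_id filter per matching account.
# Assumption: the caller can read the Organization (management account or
# delegated administrator).
data "aws_organizations_organization" "this" {}

locals {
  # Prefix from the issue; matches myaccounts-dev, myaccounts-int, myaccounts-prod.
  account_name_prefix = "myaccounts"

  # Sorted so the generated filter blocks keep a stable order between plans.
  matching_account_ids = sort([
    for acct in data.aws_organizations_organization.this.accounts :
    acct.id
    if startswith(acct.name, local.account_name_prefix)
  ])
}

resource "aws_securityhub_insight" "custom_insight" {
  name               = "MyCustomTFInsight"
  group_by_attribute = "ProductName"

  filters {
    # Several EQUALS conditions on the same attribute are OR-ed by Security Hub.
    dynamic "aws_account_id" {
      for_each = local.matching_account_ids
      content {
        comparison = "EQUALS"
        value      = aws_account_id.value
      }
    }
  }
}
```

Unlike a native `PREFIX` filter on the account name, the ID list is fixed at apply time, so findings from a newly created `myaccounts-*` account are missing from the insight until the configuration is applied again.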

Labels

- enhancement: Requests to existing resources that expand the functionality or scope.
- needs-triage: Waiting for first response or review from a maintainer.
- service/securityhub: Issues and PRs that pertain to the securityhub service.