awslabs / aws-securityhub-multiaccount-scripts

This script automates the process of running the Security Hub multi-account workflow across a group of accounts that are in your control
MIT No Attribution
271 stars 108 forks

Feature: Add optional argument to command line for accepting the Standards Warning #11

Open charles545587 opened 5 years ago

charles545587 commented 5 years ago

I am trying to run this via a CodePipeline Project. At the moment the task will fail, as the code requires user input to accept the deployment of the CIS Benchmarks.

Could an additional positional argument be added to accept this, allowing it to run without user input? For example:

$ python enablesecurityhub.py -y ${enablecsv} --master_account ${AdministratorAccountId} --assume_role ${CodeBuildManageSecurityHubRole} --enable_standards arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0

I will attempt to do this myself, but someone else might be able to perform a quicker fix.

charles545587 commented 5 years ago

I have made a workaround by commenting out the check in the code.

obijan42 commented 4 years ago

Implemented here: https://github.com/awslabs/aws-securityhub-multiaccount-scripts/pull/22/commits/dde78364b23c9e1e78674809b1e654f73cf1d16c

wallabyies commented 4 years ago

It would be great if this feature could be implemented. Not having it makes automating this deployment impossible if the enabled_standards switch is used.

It looks like a solution for this has already been opened here: https://github.com/awslabs/aws-securityhub-multiaccount-scripts/pull/22
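
One way to make the confirmation skippable in a pipeline, as an added example that is not the project's code or the change in the linked pull request: the `-y` flag from the request accepts the warning, and a run without a terminal fails with a clear error instead of waiting for input that never arrives. The function names, the `--yes` long form and the prompt text are assumptions.

```python
import argparse
import sys


def build_parser():
    # Hypothetical parser; only the option names seen in the issue are reused.
    p = argparse.ArgumentParser(description="Confirmation gate sketch")
    p.add_argument("input_file", help="CSV of accounts")
    p.add_argument("--master_account", required=True)
    p.add_argument("--assume_role", required=True)
    p.add_argument("--enable_standards", default=None,
                   help="standards ARN(s) to enable")
    p.add_argument("-y", "--yes", action="store_true",
                   help="accept the standards warning without prompting")
    return p


def standards_confirmed(args, stdin=None, ask=input):
    """Return True if standards may be enabled, False if the user declined.

    Never blocks in a non-interactive run: without -y and without a
    terminal on stdin, exit with an explicit message (fail closed).
    """
    stdin = sys.stdin if stdin is None else stdin
    if not args.enable_standards:
        return True          # nothing to confirm
    if args.yes:
        return True          # consent given on the command line
    if not stdin.isatty():
        raise SystemExit(
            "--enable_standards requires confirmation; "
            "pass -y to accept it in a non-interactive run")
    # Constructed prompt text, not the script's actual warning.
    answer = ask("Enable the requested standards in all accounts? [y/N] ")
    return answer.strip().lower() in ("y", "yes")


if __name__ == "__main__":
    cli_args = build_parser().parse_args()
    if not standards_confirmed(cli_args):
        sys.exit("Aborted: standards warning not accepted")
    print("Confirmed; continuing with", cli_args.input_file)
```

Passing `-y` leaves an explicit record of consent in the build definition, which is easier to review than a commented-out check.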