awslabs / aws-securityhub-multiaccount-scripts

This script automates the process of running the Security Hub multi-account workflow across a group of accounts that are in your control.
MIT No Attribution

AWS Foundational Security Best Practices controls #38

Closed martinklie closed 4 years ago

martinklie commented 4 years ago

Any updates needed to enable https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html

As well, can we please share the syntax to enable? Thanks in advance.

bootswithdefer commented 4 years ago

I am using this and it seems to work for me:

```
./enablesecurityhub.py --master_account 11111111111 --assume_role AdministratorAccess --enabled_regions us-east-1,us-east-2 --enable_standards arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0,standards/aws-foundational-security-best-practices/v/1.0.0 accounts.csv
```

Note the new rule set doesn't need the arn:aws:securityhub prefix.

ryanholland commented 4 years ago

Correct, the script is set up such that no updates are required for new standards; for all those except the CIS benchmarks the format is standards//v/x.y.z
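To make the two identifier shapes from this thread concrete, here is an added example (not code from this repository) that validates an `--enable_standards` value before any account is touched and builds the per-region subscription requests. It assumes the `aws` partition and that a short `standards/...` identifier expands to a region-scoped ARN; the function names are hypothetical.

```python
import re

# Shapes seen in the thread:
#   full ARN:   arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0
#   short form: standards/aws-foundational-security-best-practices/v/1.0.0
_SHORT = re.compile(r"^standards/[a-z0-9-]+/v/\d+\.\d+\.\d+$")
_FULL = re.compile(
    r"^arn:aws:securityhub:[a-z0-9-]*::(ruleset|standards)/[a-z0-9-]+/v/\d+\.\d+\.\d+$"
)


def parse_standards(arg):
    """Split and validate the comma-separated --enable_standards value."""
    items = [s.strip() for s in arg.split(",") if s.strip()]
    bad = [s for s in items if not (_SHORT.match(s) or _FULL.match(s))]
    if bad:
        # Fail early so a typo does not leave accounts with no standard enabled.
        raise ValueError("unrecognised standard identifier(s): " + ", ".join(bad))
    return items


def standards_arn(item, region):
    """Return the ARN to subscribe to in `region` (assumed expansion, aws partition)."""
    if item.startswith("arn:"):
        return item  # already a full ARN, passed through unchanged
    return "arn:aws:securityhub:{}::{}".format(region, item)


def subscription_requests(arg, regions):
    """Map region -> list of {'StandardsArn': ...} dicts, the shape boto3's
    securityhub batch_enable_standards takes as StandardsSubscriptionRequests."""
    items = parse_standards(arg)
    return {r: [{"StandardsArn": standards_arn(i, r)} for i in items] for r in regions}


if __name__ == "__main__":
    # Value and regions taken from the command posted in the thread.
    value = ("arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0,"
             "standards/aws-foundational-security-best-practices/v/1.0.0")
    for region, reqs in subscription_requests(value, ["us-east-1", "us-east-2"]).items():
        for req in reqs:
            print(region, req["StandardsArn"])
```

An identifier that drops the `standards/` segment or has an empty name is rejected with `ValueError` rather than being passed on to the API.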