Enable standards only when explicitly specified

awslabs / aws-securityhub-multiaccount-scripts

This script automates the process of running the Security Hub multi-account workflow across a group of accounts that are in your control

MIT No Attribution

271 stars 108 forks source link

Enable standards only when explicitly specified #47

Open ssteo opened 4 years ago

ssteo commented 4 years ago

Issue #, if available: Standards are enabled by default when enabling Security Hub, this is not a wanted behaviour when user did not specify enable_standards flag.

Description of changes: This change ensure that standards are not enabled when enabling Security Hub unless explicitly specified.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

ssteo commented 4 years ago

@ryanholland Would you please review and merge if ok? Thanks

quiver commented 2 years ago

+1 for this PR.

By default(current behavior), both CIS and AWS best practice standards are enabled.

With this change, you can opt-in which standards are enabled(see #61).