awslabs / aws-securityhub-multiaccount-scripts

This script automates the process of running the Security Hub multi-account workflow across a group of accounts that are in your control
MIT No Attribution

Should this work in GovCloud? #59

Closed 542d2ad116 closed 2 years ago

542d2ad116 commented 3 years ago

Someone tell me what I'm doing wrong here. Using the latest pull from today. Not sure where the hangup is.

python3 ./enablesecurityhub.py --master_account ************ --assume_role ManageSecurityHub --enable_standards arn:aws-us-gov:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0,standards/aws-foundational-security-best-practices/v/1.0.0  --enabled_regions us-gov-west-1 /home/ec2-user/aws-securityhub-multiaccount-scripts/gov-accounts.csv
Beginning ************ in us-gov-west-1
Error NoSuchBucketException("An error occurred (NoSuchBucketException) when calling the PutDeliveryChannel operation: No such s3 bucket with name 'config-bucket-*****-************'.") enabling Config on account ************
Account ************ is already a member of ************ in region us-gov-west-1
Error Processing Account ************
Error validating or enabling AWS Config for account ************ in us-gov-west-1 - requested standards not enabled