A collection of AWS Security controls for AWS Security Hub. Configuration items include templates to set up AWS Security Hub in an account as well as templates to enable compliance standards checking such as CIS AWS Foundations
A configuration package to enable AWS Security Hub in an AWS account including service prerequisites and notification. AWS Security Hub turns on CIS AWS Foundations Compliance Standards by default.
Configuration to enable AWS Security Hub in an AWS Account, with option to configure security standards such as CIS Foundation Benchmarks.
This template creates an AWS Security Hub automation rule with the specified criteria and actions. The automation rule is used to automatically respond to security findings based on the defined criteria. The example includes all available fields for criteria and actions.
This template creates an AWS Security Hub resource. It enables the default standards and turns on consolidated control findings.
This template creates an AWS Security Hub resource with the specified tags. It disables the default standards and turns off consolidated control findings.
This template creates an AWS SecurityHub Standard resource and enables the AWS Foundational Security Best Practices (FSBP) standard with all controls enabled. The `StandardsArn` property is set to the ARN of the FSBP standard. The template also includes an output `StandardsSubscriptionArn` that references the created Standard resource.
This template creates an AWS SecurityHub Standard resource and enables the FSBP standard. The `StandardsArn` property is set to the ARN of the FSBP standard. The template also includes a `DisabledStandardsControls` property that specifies the controls to be disabled in the standard. The controls are specified using their ARNs and a reason for disabling them. The template also includes an output `StandardsSubscriptionArn` that references the created Standard resource.