diff --git a/contrib/asff.tpl b/contrib/asff.tpl
index 27c38185543..46904464223 100644
--- a/contrib/asff.tpl
+++ b/contrib/asff.tpl
@@ -82,7 +82,7 @@
 {
 "SchemaVersion": "2018-10-08",
 "Id": "{{ $target }}/{{ .ID }}",
- "ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}:{{ env "AWS_ACCOUNT_ID" }}:product/aquasecurity/trivy",
+ "ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}::product/aquasecurity/aquasecurity",
 "GeneratorId": "Trivy/{{ .ID }}",
 "AwsAccountId": "{{ env "AWS_ACCOUNT_ID" }}",
 "Types": [ "Software and Configuration Checks" ],
diff --git a/docs/docs/integrations/aws-security-hub.md b/docs/docs/integrations/aws-security-hub.md
index 60c34bef411..c6b161e4e86 100644
--- a/docs/docs/integrations/aws-security-hub.md
+++ b/docs/docs/integrations/aws-security-hub.md
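Review bot: In contrib/asff.tpl the new `ProductArn` line leaves the account field empty on purpose, but nothing in the template says so, and a reader comparing it with the `AwsAccountId` line two lines below is likely to take the `::` for a dropped variable and "fix" it. A template comment directly above the line, for example `{{- /* partner product ARN: the account field is intentionally empty; the account must have import enabled for this product in AWS_REGION */ -}}`, would record the intent. The region is still read from `env "AWS_REGION"` with no default, so an unset variable renders `arn:aws:securityhub:::product/...`; a pipeline that uploads the report should check `FailedCount` in the BatchImportFindings response rather than assume the findings were accepted. The JSON object this line belongs to starts and ends outside the hunk.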
@@ -10,10 +10,16 @@ $ AWS_REGION=us-west-1 AWS_ACCOUNT_ID=123456789012 trivy image --format template
 ASFF template needs AWS_REGION and AWS_ACCOUNT_ID from environment variables.
-The Product [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) field follows the pattern below to match what AWS requires for the [product resource type](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecurityhub.html).
+The Product [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) field follows the pattern below to match what AWS requires for the [product resource type](https://github.com/awsdocs/aws-security-hub-user-guide/blob/master/doc_source/securityhub-partner-providers.md#aqua-security--aqua-cloud-native-security-platform-sends-findings).
 ```
-"ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}:{{ env "AWS_ACCOUNT_ID" }}:product/aquasecurity/trivy",
+"ProductArn": "arn:aws:securityhub:{{ env "AWS_REGION" }}::product/aquasecurity/aquasecurity",
+```
+
+In order to upload results you must first run [enable-import-findings-for-product](https://docs.aws.amazon.com/cli/latest/reference/securityhub/enable-import-findings-for-product.html) like:
+
+```
+aws securityhub enable-import-findings-for-product --product-arn arn:aws:securityhub:::product/aquasecurity/aquasecurity
 ```
 Then, you can upload it with AWS CLI.