nsbno/aws-securityhub-multiaccount-activation
This Lambda function enables AWS Security Hub on member accounts.

The Python source is taken from the awslabs/aws-securityhub-multiaccount-scripts GitHub repository and modified so that:

  • It runs as an AWS Lambda function.
  • It fetches the member account list from an S3 bucket.

Infrastructure as code for deploying it on AWS with CloudFormation is provided in the CloudFormation folder:

  • SecurityHubMaster.yml and securityhub-enable-members.yml are run in the master account (the account that will act as the Security Hub master). The first template creates Security Hub, an S3 bucket, an IAM role and policies, and activates AWS Config in the master account; it also creates a Lambda function and a CloudWatch Event rule that forward Security Hub findings to a Slack channel automatically. The second template creates the Lambda function, S3 buckets, IAM role and policies used to activate Security Hub and Config in the member accounts.

  • CloudFormation/MembersRole-Template/cloudformation/securityhub-assume-role-members.yml is run in each member account to grant the master account the access it needs to enable Security Hub there.
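The flow the templates above set up, written out as an added example (this is not the repository's own Lambda code): the handler reads the member list from S3, registers and invites each member from the master account, then assumes the role the member-account template created to enable Security Hub and accept the invitation. It assumes the S3 object holds one `AccountId,Email` pair per line (the layout the upstream awslabs script reads) and that the bucket, key and member role name arrive in the hypothetical environment variables `MEMBER_LIST_BUCKET`, `MEMBER_LIST_KEY` and `MEMBER_ROLE_NAME`.

```python
import os
import re
from typing import Dict

ACCOUNT_ID_RE = re.compile(r"^\d{12}$")  # AWS account IDs are exactly 12 digits

def parse_member_list(text: str) -> Dict[str, str]:
    """Parse "AccountId,Email" lines (assumed S3 format) into {account_id: email}.
    Blank and '#' lines are skipped; a malformed ID is an error, not an AssumeRole attempt."""
    members: Dict[str, str] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 2 or not ACCOUNT_ID_RE.match(parts[0]) or "@" not in parts[1]:
            raise ValueError(f"line {lineno}: expected 'AccountId,Email', got {raw!r}")
        members[parts[0]] = parts[1]
    return members

def enable_members(session, members: Dict[str, str], role_name: str, region: str) -> list:
    """Master side: register and invite members. Member side: assume the cross-account role
    from the members template, enable Security Hub (tolerating an already-enabled account), accept."""
    import boto3  # imported here so the parsing helper stays testable offline
    master_hub = session.client("securityhub", region_name=region)
    sts = session.client("sts", region_name=region)
    master_id = sts.get_caller_identity()["Account"]
    master_hub.create_members(AccountDetails=[{"AccountId": a, "Email": e} for a, e in members.items()])
    master_hub.invite_members(AccountIds=list(members))
    for account_id in members:
        creds = sts.assume_role(RoleArn=f"arn:aws:iam::{account_id}:role/{role_name}",
                                RoleSessionName="EnableSecurityHub")["Credentials"]
        member_hub = boto3.Session(aws_access_key_id=creds["AccessKeyId"], aws_secret_access_key=creds["SecretAccessKey"],
                                   aws_session_token=creds["SessionToken"]).client("securityhub", region_name=region)
        try:
            member_hub.enable_security_hub()
        except member_hub.exceptions.ResourceConflictException:
            pass  # Security Hub is already enabled in this account; still accept the invitation
        for inv in member_hub.list_invitations()["Invitations"]:
            if inv["AccountId"] == master_id:  # only accept the invitation from our own master
                member_hub.accept_invitation(MasterId=master_id, InvitationId=inv["InvitationId"])
    return list(members)  # every account reached here was enabled and joined

def handler(event, context):
    """Lambda entry point: member list from S3; bucket, key and role name via env vars (names assumed)."""
    import boto3
    session = boto3.Session()
    body = session.client("s3").get_object(Bucket=os.environ["MEMBER_LIST_BUCKET"], Key=os.environ["MEMBER_LIST_KEY"])["Body"]
    return enable_members(session, parse_member_list(body.read().decode()), os.environ["MEMBER_ROLE_NAME"], os.environ["AWS_REGION"])
```

Because the Lambda acts on every account in the list, keep write access to the S3 object as tight as the IAM role that assumes into members: whoever can edit the list decides which accounts get onboarded.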

About

Enabling securityhub on member accounts automatically