Overview
Set up and configure AWS Security Hub to enhance your AWS environment's security posture, ensuring compliance with best practices and reducing risks. Follow this plan to systematically assess, configure, and validate your Security Hub settings across selected regions, security standards, and account scopes. User inputs are gathered throughout to tailor the setup to your specific needs.
Execution Details
Assessment Phase
- Select AWS Region: Guide the user to choose the AWS region for Security Hub deployment, confirming the selection for deployment tasks.
- Verify Security Hub Status: Check if Security Hub is enabled in the selected region, confirming the current status for further configuration.
- User Selections: Collect inputs for Security Hub configuration such as account scope, selected security standards, version preference, and finding frequency tuning, summarizing all user selections.
Summary Phase
- Confirm Config Summary: Present a summary of the Security Hub configuration, including the region, security standards, account scope, and finding frequency options. The user confirms the configuration before proceeding.
Configuration Phase
- Enable Security Hub: Activate AWS Security Hub in the designated region and verify the enabling process.
- Fetch Standards ARNs: Retrieve Security Hub's available security standards ARNs for subsequent steps.
- Enable Selected Standards: Enable specified security standards, potentially including PCI DSS, based on user input.
- Update Finding Frequency: Offer users the option to adjust the finding frequency control to a higher setting, such as HIGH.
- Configure IAM Policy: Apply a tailored IAM policy with necessary permissions, including optional UpdateStandardsControl actions based on user selections.
Validation Phase
- List Enabled Standards: Display all enabled security standards to confirm that the user's configuration was applied correctly.
- Preview Security Hub Findings: Retrieve and preview a subset of Security Hub findings to validate service functionality and setup accuracy.
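
The configuration and validation steps above, sketched with boto3 as an added example (not code from the original plan). The function names, the name-fragment matching, the `SAMPLE` data and the `Resource: "*"` scope are assumptions.

```python
BASE_ACTIONS = [  # one Security Hub IAM action per plan step
    "securityhub:DescribeHub",           # Verify Security Hub Status
    "securityhub:EnableSecurityHub",     # Enable Security Hub
    "securityhub:DescribeStandards",     # Fetch Standards ARNs
    "securityhub:BatchEnableStandards",  # Enable Selected Standards
    "securityhub:GetEnabledStandards",   # List Enabled Standards
    "securityhub:GetFindings",           # Preview Security Hub Findings
]

def build_policy(tune_controls):
    """IAM policy for the plan; UpdateStandardsControl only if the user opted in."""
    actions = BASE_ACTIONS + (["securityhub:UpdateStandardsControl"] if tune_controls else [])
    # Resource "*" is an assumption made for brevity.
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow", "Action": actions, "Resource": "*"}]}

def select_standard_arns(standards, wanted):
    """Map (name fragment, version or None) choices to ARNs, failing closed
    when a choice matches zero or several standards."""
    arns = []
    for fragment, version in wanted:
        hits = [s["StandardsArn"] for s in standards
                if fragment.lower() in s["Name"].lower()
                and (version is None or s["StandardsArn"].endswith("/v/" + version))]
        if len(hits) != 1:
            raise ValueError(f"{fragment!r} (version {version}) matched {len(hits)} standards")
        arns.append(hits[0])
    return arns

def apply(region, wanted):
    """Enable the hub if needed, subscribe to the chosen standards, list the result."""
    import boto3  # imported lazily so the helpers above run without AWS access
    hub = boto3.client("securityhub", region_name=region)
    try:
        hub.describe_hub()
    except (hub.exceptions.InvalidAccessException, hub.exceptions.ResourceNotFoundException):
        hub.enable_security_hub(EnableDefaultStandards=False)  # standards chosen explicitly
    arns = select_standard_arns(hub.describe_standards()["Standards"], wanted)
    hub.batch_enable_standards(StandardsSubscriptionRequests=[{"StandardsArn": a} for a in arns])
    return [s["StandardsArn"] for s in hub.get_enabled_standards()["StandardsSubscriptions"]]

# Constructed sample shaped like a DescribeStandards response.
SAMPLE = [
    {"Name": "CIS AWS Foundations Benchmark v1.2.0",
     "StandardsArn": "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"},
    {"Name": "CIS AWS Foundations Benchmark v1.4.0",
     "StandardsArn": "arn:aws:securityhub:us-east-1::standards/cis-aws-foundations-benchmark/v/1.4.0"},
    {"Name": "PCI DSS v3.2.1",
     "StandardsArn": "arn:aws:securityhub:us-east-1::standards/pci-dss/v/3.2.1"},
]
```

A selection such as `("CIS", None)` is rejected because it matches two versions, so the version preference has to be collected before anything is enabled.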