epomatti/aws-config-security-hub

AWS Security Hub + AWS Config

Using AWS Config rules and getting insights with AWS Security Hub.

Additionally, the code provides a custom AWS Config rule backed by a Lambda function that detects changes to CloudTrail (or other resources) and remediates them.

Create the resources:

```sh
terraform init
terraform apply -auto-approve
```

👉 Enable Security Hub manually from the Console; it is not created by the Terraform code.

Give AWS Config some time to record the resources, then check the AWS Config dashboard.

Make a change to a resource, such as the EC2 instance, and check the resource timeline in AWS Config.

If you enabled Security Hub, check the security posture it reports.

Security Hub can integrate with several other AWS services.

Recording of global resources (IAM) is enabled on the Config recorder (ref1, ref2). From the AWS documentation:

> Now, you can record changes to the configuration of your IAM Users, Groups, and Roles, including inline policies associated with them. You can also record attachments of your managed (customer-managed) policies and changes made to them.

As with other resources, the timeline of an IAM resource can be tracked in AWS Config.

CloudTrail

ℹ️ For a multi-region trail, you must be in the home region of the trail.

ℹ️ For an organization trail, you must be in the management (formerly "master") account of the organization.
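As an added example (not code from this repository), the sketch below shows what a custom Config rule Lambda of the kind described above can look like: it evaluates an `AWS::CloudTrail::Trail` configuration item, reports the result with `config:PutEvaluations`, and, when the rule parameter `autoRemediate` is `"true"`, restarts logging for a trail that was stopped. The field names read from the configuration item (`configuration.isMultiRegionTrail`, `configuration.logFileValidationEnabled`, `configuration.trailARN`, `supplementaryConfiguration.Status.IsLogging`) and the `autoRemediate` parameter name are assumptions, and the two sample items are constructed so the evaluation logic runs offline.

```python
# Added example, not the repository's own Lambda. Field names inside the
# configuration item and the "autoRemediate" rule parameter are assumptions.
import copy
import json
from datetime import datetime

COMPLIANT = "COMPLIANT"
NON_COMPLIANT = "NON_COMPLIANT"
NOT_APPLICABLE = "NOT_APPLICABLE"


def evaluate_trail(item):
    """Return (compliance_type, annotation) for one configuration item."""
    if item.get("resourceType") != "AWS::CloudTrail::Trail":
        return NOT_APPLICABLE, "not a CloudTrail trail"
    if item.get("configurationItemStatus") == "ResourceDeleted":
        return NON_COMPLIANT, "trail was deleted"
    cfg = item.get("configuration") or {}
    status = (item.get("supplementaryConfiguration") or {}).get("Status") or {}
    problems = []
    if not status.get("IsLogging", False):
        problems.append("logging is stopped")
    if not cfg.get("isMultiRegionTrail", False):
        problems.append("not multi-region")
    if not cfg.get("logFileValidationEnabled", False):
        problems.append("log file validation disabled")
    if problems:
        return NON_COMPLIANT, "; ".join(problems)
    return COMPLIANT, "trail is logging in all regions with log file validation"


def build_evaluation(item, compliance_type, annotation):
    """Shape one entry for config:PutEvaluations (Annotation is capped at 256 chars)."""
    capture = item["configurationItemCaptureTime"].replace("Z", "+00:00")
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance_type,
        "Annotation": annotation[:256],
        "OrderingTimestamp": datetime.fromisoformat(capture),
    }


def remediate_stopped_trail(item, annotation, cloudtrail_client):
    """Call StartLogging only for the 'logging is stopped' finding on a live trail.
    For a multi-region trail this must run in the trail's home region (see the
    CloudTrail note in this README). Returns True when a call was made."""
    if "logging is stopped" not in annotation:
        return False
    if item.get("configurationItemStatus") == "ResourceDeleted":
        return False
    trail_arn = (item.get("configuration") or {}).get("trailARN") or item["resourceId"]
    cloudtrail_client.start_logging(Name=trail_arn)
    return True


def lambda_handler(event, context):
    """Entry point for a configuration-change-triggered Config rule."""
    import boto3  # imported here so the evaluation logic stays testable offline

    invoking = json.loads(event["invokingEvent"])
    params = json.loads(event.get("ruleParameters") or "{}")
    item = invoking.get("configurationItem")
    if item is None:  # scheduled invocation: no configuration item to evaluate
        return {"evaluated": 0}
    ctype, note = evaluate_trail(item)
    if ctype == NON_COMPLIANT and params.get("autoRemediate") == "true":
        remediate_stopped_trail(item, note, boto3.client("cloudtrail"))
    boto3.client("config").put_evaluations(
        Evaluations=[build_evaluation(item, ctype, note)],
        ResultToken=event["resultToken"],
    )
    return {"evaluated": 1, "compliance": ctype}


# Constructed sample items, shaped like the configurationItem in invokingEvent.
HEALTHY_TRAIL = {
    "resourceType": "AWS::CloudTrail::Trail",
    "resourceId": "management-events",
    "configurationItemStatus": "OK",
    "configurationItemCaptureTime": "2023-01-01T12:00:00.000Z",
    "configuration": {
        "trailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/management-events",
        "isMultiRegionTrail": True,
        "logFileValidationEnabled": True,
    },
    "supplementaryConfiguration": {"Status": {"IsLogging": True}},
}
STOPPED_TRAIL = copy.deepcopy(HEALTHY_TRAIL)
STOPPED_TRAIL["supplementaryConfiguration"]["Status"]["IsLogging"] = False


class RecordingCloudTrail:
    """Stand-in for a boto3 CloudTrail client that records StartLogging calls."""

    def __init__(self):
        self.started = []

    def start_logging(self, Name):
        self.started.append(Name)


if __name__ == "__main__":
    for sample in (HEALTHY_TRAIL, STOPPED_TRAIL):
        print(sample["resourceId"], *evaluate_trail(sample))
```

The Lambda execution role needs `config:PutEvaluations` and, for the remediation branch, `cloudtrail:StartLogging`; keep the remediation behind the rule parameter so the same function can run in detect-only mode first. Remediating from inside the evaluation is a design choice; AWS Config's own remediation actions are the alternative when you want the fix tracked separately from the finding.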
