Questions tagged [aws-security-hub]

Used for questions related to the Amazon Web Services (AWS) Security Hub service.

31 questions
0 votes, 0 answers

Terraform/AWS: Suppressing findings for a bucket through Terraform

I am provisioning an S3 bucket on AWS through Terraform. To fix a security finding S3 bucket server access logging should be enabled, another bucket holding the logs can be provisioned. The advice states "suppressing all findings for this log bucket…
0 votes, 1 answer

AWS Inspector2 not working with default Amazon Linux 2

I'm trying to use the aws inspector service (the new one, not the classic one) and I created an Amazon Linux 2 instance, and I attached the AmazonSSMManagedInstanceCore role and so the instance appeared in the fleet manager but the aws inspector…
0 votes, 1 answer

Terraform - AWS - TypeError: planResultMessage.search is not a function

I've been scratching my head over this one for longer than I'd like to admit, but I'm throwing in the towel... I have a large Terraform package and in the Terraform Plan, I get this error: Terraform Plan (Error) Log Exception Error in plan -…
0 votes, 0 answers

mutual TLS authentication for Amazon API Gateway - With my existing public key infrastructure (PKI) standard

I am trying to enable mTLS for Amazon API Gateway for my endpoint, and I have my existing public key (PKI) for my domain (.crt & .key). While using to upload my existing root CA public key in S3 bucket, I am getting some error like "API Gateway…
0 votes, 0 answers

AWS Security Hub API does not return Latitude and Longitudes

I am working on a project which needs to display the identified AWS security threats on a globe. They have specifically asked to use Security Hub API to get the GuardDuty, Firewall etc. identified threats by integrating them to Security Hub. We were…
Dulanjali
0 votes, 0 answers

AccessDeniedException when calling BatchImportFindings in AWS SDK for Java

I am using the AWS SDK for Java to import security findings from a custom security solution. When I try to call batchImportFindings, it gives me an AccessDeniedException even though I have enabled the AWSSecurityHubFullAccess policy for the user I…
0 votes, 2 answers

Docker build in CodeBuild without Privileged mode

We are building docker images in CodeBuild. This works fine but we have a "HIGH" security hub finding because we had to enable privileged mode: CodeBuild.5 CodeBuild project environments should not have privileged mode enabled I'm currently…
DenCowboy
0 votes, 1 answer

Use AWS Config to find EC2 instances using Instance Metadata Service Version 1 (IMDSv1)

How do you find Amazon EC2 instances that are in a public subnet and are using Instance Metadata Service Version 1 (IMDSv1) using AWS Config or AWS Security Hub? Thanks.
Row
0 votes, 1 answer

Is it possible to auto enable AWS Config on addition of a new account to organisation?

AWS has auto-join/auto-enable recording of new resources and accounts in Security Hub, which I am happily using. I wanted to enable the same kind of setting for AWS Config, which currently requires manual setup for all new accounts of my…
0 votes, 0 answers

Security Hub findings - Identify the Resource Id

In Security Hub -> Findings, I am trying to identify a ResourceId, but ResourceId contains Account Name and Account Id. Where can I find a resource Id which is not linked to Account Id? Let's say if I need to remediate it for a particular Resource,…
Bokambo
0 votes, 1 answer

EventBridge Rule for findings from SecurityHub

I am trying to create an EventBridge Rule for an "event" pattern as below: My JSON structure: { "Findings": [ { "SchemaVersion": "2018-10-08", "Id":…
Bokambo
0 votes, 1 answer

How to pull data from AWS Security Hub using Scheduler?

How to pull data from AWS Security Hub automatically using a scheduler? I am new to AWS; on doing some analysis I found the below: In Security Hub, data is in JSON format; we don't have an option to export to csv/excel? All Security hub…
Bokambo
0 votes, 1 answer

How to enable the security hub through cloudformation template

I'm trying to enable the AWS Security Hub along with AWS Foundation Security Best Practice and CIS Benchmarking with a CloudFormation template. AWSTemplateFormatVersion: 2010-09-09 Description: Resources: SecurityHub: Type:…
0 votes, 0 answers

Suppress or delete findings & violations (security hub/config) for default created resources by control tower?

I deployed control tower in the ca-central-1 region and enabled security hub and aws config through a dedicated admin account (audit account provided by default via control tower). I then enabled the following security standards: PCI DSS v3.2.1 CIS…
0 votes, 3 answers

EC2 instances should not have a public IP address | AWS Foundational Security Best Practices

Recently I have run a security assessment of my AWS resources using AWS Security Hub. As a result, under the AWS Foundational Security Best Practices v1.0.0 category, there is a failure saying EC2 instances should not have a public IPv4…