AWS Security Hub Account
This page shows how to write Terraform for Security Hub Account and write them securely.
aws_securityhub_account (Terraform)
The Account in Security Hub can be configured in Terraform with the resource name aws_securityhub_account
. The following sections describe 5 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_securityhub_account" "us-east-1" {
count = contains(var.regions, "us-east-1") ? 1 : 0
provider = aws.us-east-1
}
# us-east-2
resource "aws_securityhub_account" "SecurityHub" {}
# resource "aws_securityhub_member" "SecurityHub_Addon_Member" {
# depends_on = [aws_securityhub_account.SecurityHub]
# #account_id = var.SECURITY_ACCOUNT_ID
resource "aws_securityhub_account" "securityhub" {}
resource "aws_securityhub_account" "platform_sh_account" {}
resource "aws_securityhub_standards_subscription" "platform_sh_standards_subscription" {
depends_on = [aws_securityhub_account.platform_sh_account]
standards_arn = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"
resource "aws_securityhub_account" "this" {}
Parameters
-
id
optional computed - string
Explanation in Terraform Registry
Enables Security Hub for this AWS account.
NOTE: Destroying this resource will disable Security Hub for this AWS account.
CloudFormation Example
CloudFormation code does not have the related resource.
Frequently asked questions
What is AWS Security Hub Account?
AWS Security Hub Account is a resource for Security Hub of Amazon Web Service. Settings can be wrote in Terraform.
Where can I find the example code for the AWS Security Hub Account?
For Terraform, the ArtiomL/aws-sec-controls, GaryTapia/aws-security-setup and ministryofjustice/analytical-platform-aws-security source code examples are useful. See the Terraform Example section for further details.