AWS Security Hub Organization Configuration

This page shows how to write Terraform for Security Hub Organization Configuration and write them securely.

aws_securityhub_organization_configuration (Terraform)

The Organization Configuration in Security Hub can be configured in Terraform with the resource name aws_securityhub_organization_configuration. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).


The following arguments are supported:

  • auto_enable - (Required) Whether to automatically enable Security Hub for new accounts in the organization.

In addition to all arguments above, the following attributes are exported:

  • id - AWS Account ID.

Explanation in Terraform Registry

Manages the Security Hub Organization Configuration.

NOTE: This resource requires an aws_securityhub_organization_admin_account to be configured (not necessarily with Terraform). More information about managing Security Hub in an organization can be found in the Managing administrator and member accounts documentation NOTE: This is an advanced Terraform resource. Terraform will automatically assume management of the Security Hub Organization Configuration without import and perform no actions on removal from the Terraform configuration.

CloudFormation Example

CloudFormation code does not have the related resource.

Frequently asked questions

What is AWS Security Hub Organization Configuration?

AWS Security Hub Organization Configuration is a resource for Security Hub of Amazon Web Service. Settings can be wrote in Terraform.


Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.