Amazon Web Services (AWS) Security Hub
AWS Security Hub
This CLI is able to sync assets and findings from the AWS Security Hub to RegScale. The finding data will be converted to RegScale security checks at the asset level, and then rolled up to the security plan.
Authentication
There is no init.yaml configuration for this integration. The AWS functionality authenticates with Amazon with either a credentials file or via environment variables.
Example Credentials File
/path/to/user/folder/.aws/credentials
[default]
aws_access_key_id = ACCESSKEYHERE
aws_secret_access_key = SECRETKEYHERE
Example Environment variables
The user may also forgo creating a credentials file and use environment variables to authenticate with AWS.
AWS_ACCESS_KEY_ID
- The access key for your AWS account.AWS_SECRET_ACCESS_KEY
- The secret key for your AWS account.
See AWS documentation for more authentication information
AWS Security Hub Workfow
- Update AWS configuration information (see above).
- Make sure a RegScale security plan is available and populated with control implementations.
- Use the following command to populate your RegScale SSP with AWS assets and findings.
--aws
AWS CLI Integration
-sync_findings
- Fetch AWS Security Hub assets and findings to a RegScale security plan.
- The finding data will be converted to RegScale security checks at the asset level, and then rolled up to the security plan.
- These findings will cause a linked control implementation to beNot Implemented
.
---regscale_ssp_id
- The ID of the RegScale Security Plan
---create_issue
- Create RegScale issues for [Low, Medium, High, or Critical] findings.
Example Commands
regscale aws sync_findings --regscale_ssp_id 264 --create_issue 1
Updated about 1 month ago