Can you add custom Security Standards or edit existing Standards?

0

I don't see this mentioned in the documentation and I do not see any options in the console, so I thought I would double check here to ensure I am not missing anything:

  1. Can you create your own Security Standard that has a set of rules that you'd like your accounts to comply with?

  2. Can you customize existing Security Standards? For example, before enabling the CIS Benchmark, can I disable all Level 2 controls? Or is the only way to do this to enable the standard and then disable individual controls afterwards?

Perhaps using another tool that can integrate with Security Hub, such as Prowler, is the way to go for a custom Security Standard?

Thank you

Jhoov
Asked 4 years ago · 405 views
2 Answers
0

Fully customizable standards are coming in the future. Today, you can disable individual controls in a standard. This can only be done after you have enabled the standard.

Relevant docs:

https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable-controls.html

https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-cis-to-disable.html

Ely_K
Answered 4 years ago
  • Hi Ely, so are we now able to add custom Security Standards in the security hub?

  • Hi Ely,

    I don't see that this was ever released and we'd still like to be able to define a custom standard. Selecting rules from the existing standards would be perfectly acceptable for us. We know we can enable the standards via the API and then turn off individual rules, but we then have to monitor for new rules and add them to the script or we will have new AWS accounts with rules that we do not wish to be enabled. It would be so much easier to just select the rules we wish to have enabled and add them to a custom standard. We wouldn't have to constantly maintain the script that way and it would simplify the entire process. Please let us know if this is still planned.

    Thank you, Jeff
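
The enable-then-disable workflow described in the answer and comment above can be driven from an allowlist, so that controls added to a standard later are switched off on the next run without editing the script. This is an added example, not code from the thread or from AWS; it relies on the boto3 Security Hub calls `describe_standards_controls` and `update_standards_control`, while `reconcile_controls`, `StubSecurityHub`, the control IDs and the ARNs are constructed for illustration.

```python
DISABLED_REASON = "Not in organization allowlist"  # constructed reason text


def reconcile_controls(client, subscription_arn, allowed_ids, dry_run=True):
    """Disable every enabled control whose ControlId is not allowlisted.

    The decision is made per control at run time, so controls AWS adds to the
    standard later are caught on the next run without editing the script.
    Returns (disabled, missing): ControlIds disabled (or that would be, in
    dry_run) and allowlisted ids the standard does not contain.
    """
    allowed, seen, disabled = set(allowed_ids), set(), []
    paginator = client.get_paginator("describe_standards_controls")
    for page in paginator.paginate(StandardsSubscriptionArn=subscription_arn):
        for control in page["Controls"]:
            seen.add(control["ControlId"])
            # Allowlisted controls are left as they are (not re-enabled here);
            # controls that are already disabled need no call.
            if control["ControlId"] in allowed or control["ControlStatus"] == "DISABLED":
                continue
            disabled.append(control["ControlId"])
            if not dry_run:
                client.update_standards_control(
                    StandardsControlArn=control["StandardsControlArn"],
                    ControlStatus="DISABLED",
                    DisabledReason=DISABLED_REASON,
                )
    return sorted(disabled), sorted(allowed - seen)


class StubSecurityHub:
    """Constructed stand-in for boto3.client("securityhub"), so this runs offline."""
    def __init__(self, controls):
        self.controls, self.updates = controls, []

    def get_paginator(self, operation_name):
        return self

    def paginate(self, **kwargs):
        yield {"Controls": self.controls}

    def update_standards_control(self, **kwargs):
        self.updates.append(kwargs)


if __name__ == "__main__":
    # Constructed sample controls; the ARNs are placeholders, not real resources.
    sample = [{"ControlId": i, "ControlStatus": s, "StandardsControlArn": "arn:example:" + i}
              for i, s in [("CIS.1.1", "ENABLED"), ("CIS.3.9", "ENABLED"), ("CIS.4.1", "DISABLED")]]
    print(reconcile_controls(StubSecurityHub(sample), "arn:example:sub", {"CIS.1.1", "CIS.9.9"}))
```

Against a real account, pass `boto3.client("securityhub")` and a `StandardsSubscriptionArn` returned by `get_enabled_standards`, and review the `dry_run=True` result before applying it.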

0

Thank you, Ely. That is great to hear about fully customizable standards coming in the future. Also, thank you for confirming that we can only enable standards and then disable individual rules. That is what I thought.

Jhoov
Answered 4 years ago
