Ensure AWS Security Hub is enabled for all AWS Accounts to enhance security measures.
Rule | AWS Security Hub should be enabled for an AWS Account |
Framework | GxP EU Annex 11 |
Severity | ✔ High |
Rule Description
The AWS Security Hub should be enabled for an AWS Account to ensure compliance with the GxP EU Annex 11 regulations. The GxP EU Annex 11 regulations require that appropriate measures are implemented to ensure the integrity, confidentiality, and availability of electronic records and signatures. By enabling AWS Security Hub, you can centrally manage security and compliance across your AWS resources, gain visibility into potential security and compliance issues, and take appropriate actions to remediate them.
Troubleshooting Steps
In case you encounter any issues while enabling AWS Security Hub, please follow these troubleshooting steps:
Check AWS Account Permissions: Ensure that you have the necessary permissions to enable Security Hub for your AWS Account. You should have the SecurityHubFullAccess or SecurityHubReadOnlyAccess IAM policy attached to your user or role.
Verify Account Region: Confirm that you are attempting to enable Security Hub in the correct AWS region. Security Hub must be enabled separately for each region your account uses.
Check Service Quotas: Verify that you have not reached the maximum service quota for Security Hub in your AWS Account. If you have exceeded the quota, you will need to request a quota increase.
Review AWS Organizations Configuration: If you are part of an AWS Organization, ensure that Security Hub is enabled at the organization level. This will automatically enable Security Hub for all member accounts in the organization.
Review VPC Endpoint Configuration: If your AWS Account has VPC endpoints configured for AWS Security Hub, ensure that they are functioning correctly. VPC endpoints provide secure and private connectivity to Security Hub without requiring internet access.
Check Network and Security Configuration: Ensure that outbound internet connectivity is available from your AWS Account to the AWS Security Hub service. If you have specific network or security configurations in place, such as outbound traffic restrictions, check that they do not block the required connections.
Necessary Codes
No specific codes are required for enabling AWS Security Hub in an AWS Account.
Step by Step Guide - Enabling AWS Security Hub
Follow these step-by-step instructions to enable AWS Security Hub for your AWS Account:
Sign in to the AWS Management Console: Open your preferred web browser, navigate to the AWS Management Console, and sign in with your AWS Account credentials.
Open the Security Hub Service: Once signed in, search for "Security Hub" in the AWS Management Console search bar, and click on the "AWS Security Hub" service that appears in the results.
Navigate to the Security Hub Settings: In the AWS Security Hub console, click on "Settings" in the left-hand navigation menu.
Enable Security Hub: On the "Settings" page, click on the "Enable Security Hub" button.
Choose the Region: In the region selection dropdown, choose the AWS region where you want to enable Security Hub.
Review the Configuration: Review the information presented on the "Review" page to ensure it is correct.
Enable Standards: If required by GxP EU Annex 11, enable the relevant standards (e.g., CIS AWS Foundations Benchmark) by selecting the checkboxes next to them.
Click Enable Security Hub: Once you have reviewed the configuration and enabled any necessary standards, click on "Enable Security Hub".
Wait for the Enablement Process: Allow some time for the enablement process to complete.
Verify Enablement: Once the enablement process is complete, navigate to the "Findings" page in the AWS Security Hub console to verify that Security Hub is active and collecting findings.
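Because Security Hub is enabled separately in each region, the verification step can also be run per region from a script. The following is an added example, not part of the original guide: it calls the boto3 Security Hub operations describe_hub and enable_security_hub and reports a status for each region passed on the command line. The function names, the status labels and the --enable flag are assumptions made for this illustration.

```python
"""Report, and optionally enable, AWS Security Hub per region (added example)."""
import sys

# Error codes DescribeHub returns when the account has no hub in that region.
NOT_ENABLED = {"InvalidAccessException", "ResourceNotFoundException"}


def error_code(exc):
    """AWS error code from a botocore ClientError-style exception, else None."""
    return getattr(exc, "response", {}).get("Error", {}).get("Code")


def hub_status(client):
    """Classify one region: ENABLED, NOT_ENABLED or ACCESS_DENIED."""
    try:
        client.describe_hub()
        return "ENABLED"
    except Exception as exc:
        code = error_code(exc)
        if code in NOT_ENABLED:
            return "NOT_ENABLED"
        if code == "AccessDeniedException":
            return "ACCESS_DENIED"  # caller lacks permission to call DescribeHub
        raise  # network, endpoint or throttling problems are not masked


def audit_regions(regions, client_for, remediate=False):
    """Return {region: status}; with remediate=True, enable missing hubs."""
    report = {}
    for region in regions:
        client = client_for(region)
        status = hub_status(client)
        if status == "NOT_ENABLED" and remediate:
            client.enable_security_hub(EnableDefaultStandards=True)
            status = hub_status(client)  # re-check instead of assuming success
        report[region] = status
    return report


if __name__ == "__main__":
    import boto3  # imported here so the functions above stay testable offline

    # Assumed CLI shape: script.py [--enable] eu-west-1 eu-central-1 ...
    args = sys.argv[1:]
    fix = "--enable" in args
    wanted = [a for a in args if a != "--enable"]
    result = audit_regions(
        wanted, lambda r: boto3.client("securityhub", region_name=r), fix)
    for name, state in sorted(result.items()):
        print(f"{name}\t{state}")
    sys.exit(0 if all(s == "ENABLED" for s in result.values()) else 1)
```

The script exits non-zero when any listed region is not ENABLED, so it can gate a scheduled compliance check.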
Conclusion
By following the step-by-step guide, you will successfully enable AWS Security Hub for your AWS Account in compliance with the GxP EU Annex 11 regulations. Regularly monitor and review the findings collected by Security Hub to identify and remediate any security and compliance issues.