Enabling Security Hub for Newly Created AWS Accounts
Introduction
This guide will help you enable AWS Security Hub for newly created AWS accounts using Pulumi. AWS Security Hub provides a comprehensive view of your security state within AWS and helps you check your environment against security industry standards and best practices.
Step-by-Step Explanation
Step 1: Set Up Your Pulumi Project
First, ensure you have the Pulumi CLI installed and configured. Create a new Pulumi project if you don’t have one already:
pulumi new aws-typescript -y
Step 2: Install AWS SDK
Ensure you have the AWS SDK installed in your project:
npm install @pulumi/aws
Step 3: Create a New AWS Account
You can use AWS Organizations to create a new AWS account. Here’s how you can do it programmatically:
import * as aws from "@pulumi/aws";
const newAccount = new aws.organizations.Account("newAccount", {
email: "new-account-email@example.com",
accountName: "NewAccount",
roleName: "OrganizationAccountAccessRole",
});
Step 4: Enable Security Hub
Once the new account is created, you can enable AWS Security Hub:
const securityHub = new aws.securityhub.Account("securityHub", {
enableDefaultStandards: true,
}, {dependsOn: newAccount});
Step 5: Deploy Your Stack
Finally, deploy your Pulumi stack to create the new AWS account and enable Security Hub:
pulumi up
Conclusion
By following these steps, you have successfully enabled AWS Security Hub for a newly created AWS account using Pulumi. This ensures that your new account is immediately monitored for security compliance and best practices.
Full Code Example
import * as aws from "@pulumi/aws";
// Create a new AWS account
const newAccount = new aws.organizations.Account("newAccount", {
email: "new-account-email@example.com",
name: "NewAccount",
roleName: "OrganizationAccountAccessRole",
});
// Enable AWS Security Hub for the new account
const securityHub = new aws.securityhub.Account("securityHub", {
enableDefaultStandards: true,
}, {dependsOn: newAccount});
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.