If you prefer learning by watching over reading, you can find an animated image at the bottom with all the steps listed below.
To enable AWS Security Hub:
Log into your Cloud9 Workspace
Run the following command (no output will be generated)
aws securityhub enable-security-hub --enable-default-standards
Log into your AWS account with your browser and then browse to the AWS Security Hub.
If you see the Summary web page, it means its enabled in your account. You can skip to the Step2 below.
You may see a temporary red warning about AWS Config not being appropriately enabled, but it will disappear on its own once the Security Hub detects that the activation has been made. It has no relation to the use of Sysdig CloudConnector.
To install this tool, we will be using a CloudFormation Template. Follow the steps below to install the Sysdig CloudConnector:
Navigate to the CloudFormation template for Sysdig CloudConnector deployment. The template will preview in CloudFormation.
On the “Create stack” section, click the ‘Next’ button to start setting up the template.
The “Specify stack details” section has no parameters for you to configure, so you can just press the Next button.
On “Configure stack options” screen, press the Next button.
You can optionally add tag keys and values to the deployment, but no further configuration is required. Finally, you will be presented with a summary of all the parameters you previously introduced. Please note that dedicated IAM roles will be created to perform the scanning. These roles follow the “least privilege principle” to enforce maximum security.
Finally click the checkbox
Then press the Create stack button
On the CloudFormation dashboard, you should see the template status is ‘CREATE_IN_PROGRESS’.
The creation process may take up to ten minutes. You’ll be using CloudConnector in Module 3. So, in the meantime, you can continue with this workshop. You can later revisit the CloudFormation section in AWS to check the status of the deployment. It will show as “CREATE_COMPLETE” once the deployment has completed successfully.