Follow the below instructions to configure Stax-managed Security Hub or see the Stax API.
Before You Begin
- Estimated time to complete: 10 minutes (Deployment can take a few minutes or up to 2 hours depending on the number of in-scope accounts)
- Ensure you are a member of the Admin role in your Stax tenancy
- Ensure you are authorized to override any existing configurations of Security Hub.
Stax does not disable Security Hub if you already have it turned on for an account, hence any existing findings should not be lost
Configure Security Hub
- Log in to the Stax Console
Open the customer menu in the left-hand nav (click the arrow next to your organization alias)
- Choose Foundation Services from the customer menu, then Get Started on the Stax-managed Security Hub tile
- Review the changes that will be made as a result of configuring the service, then choose Continue
- Select the checkbox to confirm you will be overriding any existing Security Hub configuration.
- Optional: Choose the standards you wish to enable, and the regions in which you want to assess against those standards
- Choose Configure
AWS Security Hub will take some time to configure depending on the number of AWS accounts you have. Once configured, Stax-managed Security Hub will transition from Configuring to Active on the Foundation Services page.
Update AWS Security Hub Standards
Once you have configured Stax-managed Security Hub, you can enable and disable the compliance standards offered in AWS Security Hub.
- On the Foundation Services page, choose the settings cog on the Stax-managed Security Hub tile
- Click on the Edit button next to Settings
- Enable or disable a standard by clicking the toggle next to the standard
- Choose the regions you wish to assess
- Click Save
AWS Security Hub will take some time to update depending on the number of AWS accounts you have. Once updated, Stax-managed Security Hub will transition from Configuring to Active on the Foundation Services page.
View AWS Security Hub Findings
To view findings from AWS Security Hub, you will need to log into the delegated administrator account in the aggregation region that Stax has configured for you.
Before you can log in to the account, you must be a member of a group that grants you appropriate access to the Security foundation account.
- Choose Accounts in the left-hand nav
- Click the log in button next to your organization's Security foundation account
- Choose the role you wish to assume. The AWS Management Console will open in a new tab
- Switch to your organization's aggregation region. The aggregation region is the AWS region of your Stax Installation Region
- Navigate to the AWS Security Hub service to review the findings for your organization's accounts