How to subscribe to the new Security Hub Announcements topic for Amazon SNS
With AWS Security Hub you can manage your security posture in AWS, perform security best practice checks, aggregate alerts, and automate remediation. You can now use Amazon Simple Notification Service (Amazon SNS) to subscribe to the new Security Hub Announcements topic to receive updates about new Security Hub services and features, newly supported standards and controls, and other Security Hub changes.
<h2>Introducing the Security Hub Announcements topic</h2>
<p>Amazon SNS follows the <a href="https://aws.amazon.com/pub-sub-messaging/" target="_blank" rel="noopener noreferrer">publish/subscribe (pub/sub) messaging model</a>, where notifications are delivered to you by using a <em>push</em> mechanism that eliminates the need for you to periodically check or poll for new information and updates. You can now use this push mechanism to receive notifications about Security Hub by subscribing to the dedicated Security Hub Announcements topic.</p>
<p>The Security Hub Announcements topic publishes the following types of notifications:</p>
<ul>
<li>General notifications</li>
<li>Upcoming standards and controls</li>
<li>New AWS Regions supported</li>
<li>New standards and controls</li>
<li>Updated standards and controls</li>
<li>Retired standards and controls</li>
<li>Changes to the AWS Security Finding Format (ASFF)</li>
<li>New integrations</li>
<li>New features</li>
<li>Changes to existing features</li>
</ul>
<h2>How to use the Security Hub Announcements topic</h2>
<p>You can subscribe to the SNS topic for Security Hub Announcements to receive notification messages about newly released finding types, updates to the existing finding types, and other functionality changes. By subscribing to the SNS topic, you'll receive Security Hub Announcements messages as soon as they are published. The notifications are available in all protocols that Amazon SNS supports, such as SMS and email. For more information about supported protocols in Amazon SNS, see <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-create-subscribe-endpoint-to-topic.html" target="_blank" rel="noopener noreferrer">Subscribing to an Amazon SNS topic</a>.</p>
<p>The Security Hub Announcements topic is available in all AWS Regions in the <span>aws</span> and <span>aws-cn</span> partitions, but isn't yet available in the AWS GovCloud (US) Regions (the <span>aws-us-gov</span> partition). Later in this post, we'll show you how to subscribe to the Security Hub Announcements topic in a specific AWS Region by using the topic <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html" target="_blank" rel="noopener noreferrer">Amazon Resource Name (ARN)</a> for that Region. The SNS topic messages are the same across Regions in a partition, so you can choose to subscribe to only one Region in a partition to avoid receiving duplicate information.</p>
<p>However, if you want to invoke an <a href="https://aws.amazon.com/lambda/" target="_blank" rel="noopener noreferrer">AWS Lambda</a> function in response to a Security Hub Announcements message, you must subscribe to the topic ARN that's in the same Region as the Lambda function. The Lambda function can receive the SNS topic message payload as an input parameter and manipulate the information in the message, publish the message to other SNS topics, or send the message to other AWS services. For more information, see <a href="https://docs.aws.amazon.com/sns/latest/dg/lambda-console.html" target="_blank" rel="noopener noreferrer">Subscribing a function to a topic</a> in the Amazon SNS Developer Guide.</p>
<p>The same is true if you want to subscribe an <a href="https://aws.amazon.com/sqs/" target="_blank" rel="noopener noreferrer">Amazon Simple Queue Service (Amazon SQS)</a> queue to the Security Hub Announcements topic: you must use a topic ARN that's in the same Region as the SQS queue. The SQS queue can be used to persist announcement SNS topic messages in the queue for other applications to process at a later time. For more information, see <a href="https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-subscribe-queue-sns-topic.html" target="_blank" rel="noopener noreferrer">Subscribing an Amazon SQS queue to an Amazon SNS topic</a> in the Amazon SQS Developer Guide.</p>
<h3>IAM permissions</h3>
<p>Your user account must have <span>sns:Subscribe</span> AWS Identity and Access Management (IAM) permissions to subscribe to an SNS topic. For more information about IAM permissions for Amazon SNS, see <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-using-identity-based-policies.html" target="_blank" rel="noopener noreferrer">Using identity-based policies with Amazon SNS</a>.</p>
<h3>Subscribe to the Security Hub Announcements topic</h3>
<p>The following is the list of Security Hub Announcements topic ARNs for each currently supported Region. The examples in this post use the US West (Oregon) Region (<span>us-west-2</span>), but you can update the procedures with one of the following ARNs to use a different supported Region.</p>
<h4>Security Hub Announcements topic ARNs by Region</h4>
<div class="hide-language">
<pre><code class="lang-text">arn:aws:sns:us-east-1:088139225913:SecurityHubAnnouncements
arn:aws:sns:us-east-2:291342846459:SecurityHubAnnouncements
arn:aws:sns:us-west-1:137690824926:SecurityHubAnnouncements
arn:aws:sns:us-west-2:393883065485:SecurityHubAnnouncements
arn:aws:sns:eu-central-1:871975303681:SecurityHubAnnouncements
arn:aws:sns:eu-north-1:191971010772:SecurityHubAnnouncements
arn:aws:sns:eu-south-1:151363035580:SecurityHubAnnouncements
arn:aws:sns:eu-west-1:705756202095:SecurityHubAnnouncements
arn:aws:sns:eu-west-2:883600840440:SecurityHubAnnouncements
arn:aws:sns:eu-west-3:313420042571:SecurityHubAnnouncements
arn:aws:sns:ca-central-1:137749997395:SecurityHubAnnouncements
arn:aws:sns:sa-east-1:359811883282:SecurityHubAnnouncements
arn:aws:sns:me-south-1:585146626860:SecurityHubAnnouncements
arn:aws:sns:af-south-1:463142546776:SecurityHubAnnouncements
arn:aws:sns:ap-northeast-1:592469075483:SecurityHubAnnouncements
arn:aws:sns:ap-northeast-2:374299265323:SecurityHubAnnouncements
arn:aws:sns:ap-northeast-3:633550238216:SecurityHubAnnouncements
arn:aws:sns:ap-southeast-1:512267288502:SecurityHubAnnouncements
arn:aws:sns:ap-southeast-2:475730049140:SecurityHubAnnouncements
arn:aws:sns:ap-southeast-3:627843640627:SecurityHubAnnouncements
arn:aws:sns:ap-east-1:464812404305:SecurityHubAnnouncements
arn:aws:sns:ap-south-1:707356269775:SecurityHubAnnouncements
arn:aws-cn:sns:cn-north-1:672341567257:SecurityHubAnnouncements
arn:aws-cn:sns:cn-northwest-1:672534482217:SecurityHubAnnouncements
</code></pre>
</div>
<p>The two procedures that follow show how to subscribe an email address to the Security Hub Announcements topic by using the AWS Management Console and the AWS CLI.</p>
<h4>To subscribe an email address to the Security Hub Announcements topic (console)</h4>
<ol>
<li>Sign in to the <a href="https://console.aws.amazon.com/sns/v3/home" target="_blank" rel="noopener noreferrer">Amazon SNS console</a>.</li>
<li>In the Region list, choose the same Region as the topic ARN to which you want to subscribe. This example uses the <span>us-west-2</span> Region.</li>
<li>In the left navigation pane, choose <strong>Subscriptions</strong>, then choose <strong>Create subscription</strong>.</li>
<li>In the <strong>Create subscription</strong> dialog box, do the following:
</li>
<li>Choose <strong>Create subscription</strong>.</li>
<li>In your email client, open the message from AWS Notifications and open the link to confirm your subscription. Your web browser displays a confirmation response from Amazon SNS, similar to that shown in Figure 1.
<div id="attachment_26977" class="wp-caption aligncenter">
<img aria-describedby="caption-attachment-26977" src="https://d2908q01vomqb2.cloudfront.net/22d200f8670dbdb3e253a90eee5098477c95c23d/2022/08/29/img1-6-1024x304.png" alt="Figure 1: SNS notification subscription confirmation" width="700" class="size-large wp-image-26977" />
<p id="caption-attachment-26977" class="wp-caption-text">Figure 1: SNS notification subscription confirmation</p>
</div> </li>
</ol>
<p>The following steps show you how to subscribe an email address to the Security Hub Announcements topic by using the <a href="https://aws.amazon.com/cli/" target="_blank" rel="noopener noreferrer">AWS Command Line Interface (AWS CLI)</a>.</p>
<h4>To subscribe an email address to the Security Hub Announcements topic (AWS CLI)</h4>
<ol>
<li>Run the following command in the AWS CLI, replacing <span>&lt;your_email@example.com&gt;</span> with your email address, and optionally changing the ARN and the reference to us-west-2 to use a different Region: <p><code>aws sns --region us-west-2 subscribe --topic-arn arn:aws:sns:us-west-2:393883065485:SecurityHubAnnouncements --protocol email --notification-endpoint <span>&lt;your_email@example.com&gt;</span></code></p> </li>
<li>In your email client, open the message from AWS Notifications and open the link to confirm your subscription.</li>
<li>Your web browser displays a confirmation response from Amazon SNS, similar to that shown in Figure 1.</li>
</ol>
<h2>Example subscription responses</h2>
<p>The following sections contain examples of a message announcing new standard controls supported by Security Hub in <span>email</span> and <span>sqs</span> protocol types.</p>
<h4>Example message from an email subscription (protocol type: email)</h4>
<div class="hide-language">
<pre><code>{"AnnouncementType":"NEW_STANDARDS_CONTROLS","Title":"[New Controls] 36 new Security Hub controls added to the AWS Foundational Security Best Practices standard","Description":"We have added 36 new controls to the AWS Foundational Security Best Practices standard. These include controls for Amazon Auto Scaling (AutoScaling.3, AutoScaling.4, AutoScaling.6), AWS CloudFormation (CloudFormation.1), Amazon CloudFront (CloudFront.10), Amazon Elastic Compute Cloud (Amazon EC2) (EC2.23, EC2.24, EC2.27), Amazon Elastic Container Registry (Amazon ECR) (ECR.1, ECR.2), Amazon Elastic Container Service (Amazon ECS) (ECS.3, ECS.4, ECS.5, ECS.8, ECS.10, ECS.12), Amazon Elastic File System (Amazon EFS) (EFS.3, EFS.4), Amazon Elastic Kubernetes Service (Amazon EKS) (EKS.2), Elastic Load Balancing (ELB.12, ELB.13, ELB.14), Amazon Kinesis (Kinesis.1), AWS Network Firewall (NetworkFirewall.3, NetworkFirewall.4, NetworkFirewall.5), Amazon OpenSearch Service (Opensearch.7), Amazon Redshift (Redshift.9), Amazon Simple Storage Service (Amazon S3) (S3.13), Amazon Simple Notification Service (SNS.2), AWF WAF (WAF.2, WAF.3, WAF.4, WAF.6, WAF.7, WAF.8). If you enabled the AWS Foundational Security Best Practices standard in an account and configured Security Hub to automatically enable new controls, these controls are enabled by default. Availability of controls can vary by Region."}</code></pre>
</div>
<h4>Example message from an SQS queue subscription (protocol type: <span>sqs</span>)</h4>
<p>The following message shows the additional metadata included with an SQS subscription to the Security Hub Announcements topic. For more information about the metadata included in an SNS topic message sent to an SQS queue, see <a href="https://docs.aws.amazon.com/sns/latest/dg/sns-sqs-as-subscriber.html" target="_blank" rel="noopener noreferrer">Fanout to Amazon SQS Queues</a>.</p>
<div class="hide-language">
<pre><code class="lang-text">{
"Type" : "Notification",
"MessageId" : "c9c03e46-69df-5c3c-84e9-6520708ac394",
"TopicArn" : "arn:aws:sns:us-west-2:393883065485:SecurityHubAnnouncements",
"Message" : "{\"AnnouncementType\":\"NEW_STANDARDS_CONTROLS\",\"Title\":\"[New Controls] 36 new Security Hub controls added to the AWS Foundational Security Best Practices standard\",\"Description\":\"We have added 36 new controls to the AWS Foundational Security Best Practices standard. These include controls for Amazon Auto Scaling (AutoScaling.3, AutoScaling.4, AutoScaling.6), AWS CloudFormation (CloudFormation.1), Amazon CloudFront (CloudFront.10), Amazon Elastic Compute Cloud (Amazon EC2) (EC2.23, EC2.24, EC2.27), Amazon Elastic Container Registry (Amazon ECR) (ECR.1, ECR.2), Amazon Elastic Container Service (Amazon ECS) (ECS.3, ECS.4, ECS.5, ECS.8, ECS.10, ECS.12), Amazon Elastic File System (Amazon EFS) (EFS.3, EFS.4), Amazon Elastic Kubernetes Service (Amazon EKS) (EKS.2), Elastic Load Balancing (ELB.12, ELB.13, ELB.14), Amazon Kinesis (Kinesis.1), AWS Network Firewall (NetworkFirewall.3, NetworkFirewall.4, NetworkFirewall.5), Amazon OpenSearch Service (Opensearch.7), Amazon Redshift (Redshift.9), Amazon Simple Storage Service (Amazon S3) (S3.13), Amazon Simple Notification Service (SNS.2), AWF WAF (WAF.2, WAF.3, WAF.4, WAF.6, WAF.7, WAF.8). If you enabled the AWS Foundational Security Best Practices standard in an account and configured Security Hub to automatically enable new controls, these controls are enabled by default. Availability of controls can vary by Region.\"}",
"Timestamp" : "2022-08-04T18:59:33.319Z",
"SignatureVersion" : "1",
"Signature" : "GdKokPEUexpKZn5da5u/p5eZF1cE3JUyL0uPVKmPnDzd3orkk5jJ211VsOflUFi6V9lSXF/V6RBpQN/9f3+JBFBprng7BRQwT9I4jSa1xOn1L3xKXEVGvWI6nl1oDqBl21Pj3owV+NZ+Exd2W0dpgg8B1LG4bYq5T73MjHjWGtelcBa15TpIz/+rynqanXCKCvc/50V/XZLjA5M7gU6Dzs9CULIjkdEpCsw5FvSxbtkEd6Ktx4LH7Zq6FlPKNli3EaEHRKh9uYPo6sR/yvF4RWg3E9O4dVsK7A8uTdR+pwVCU1M601KMRxO1OWF8VIdvyPINJND8Nu/70GRA2L+MRA==",
"SigningCertURL" : "https://sns.us-west-2.amazonaws.com/SimpleNotificationService-56e67fcb41f6fec09b0196692625d385.pem",
"UnsubscribeURL" : "https://sns.us-west-2.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:us-west-2:393883065485:SecurityHubAnnouncements:1eb29a83-8726-4366-891c-293ad5e35a53"
}
</code></pre>
</div>
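<p>A consumer for the SQS message shape shown above, as an added example that is not part of the original post: it unwraps the SNS envelope, accepts only the topic ARN you subscribed to, decodes the JSON string in <span>Message</span>, and lists the control IDs named in the description. The function names, the <span>RejectedMessage</span> class and the sample body are assumptions made for this example.</p>

```python
import json
import re

# Topic ARN copied from this page's Region list; keep only the ARNs you subscribed to.
ALLOWED_TOPIC_ARNS = {"arn:aws:sns:us-west-2:393883065485:SecurityHubAnnouncements"}
REQUIRED_KEYS = {"AnnouncementType", "Title", "Description"}
CONTROL_ID = re.compile(r"\b[A-Za-z][A-Za-z0-9]*\.\d+\b")


class RejectedMessage(ValueError):
    """Body is not a well-formed announcement from an allowed topic (hypothetical name)."""


def parse_announcement(sqs_body, allowed=ALLOWED_TOPIC_ARNS):
    """Unwrap the SNS envelope in one SQS message body and return the inner announcement."""
    try:
        envelope = json.loads(sqs_body)
    except (TypeError, json.JSONDecodeError):
        raise RejectedMessage("body is not JSON") from None
    if not isinstance(envelope, dict) or envelope.get("Type") != "Notification":
        raise RejectedMessage("not an SNS Notification envelope")
    topic = envelope.get("TopicArn")
    if not isinstance(topic, str) or topic not in allowed:
        raise RejectedMessage("unexpected TopicArn: %r" % (topic,))
    try:
        # "Message" is itself a JSON document serialized into a string.
        announcement = json.loads(envelope["Message"])
    except (KeyError, TypeError, json.JSONDecodeError):
        raise RejectedMessage("Message is not a JSON string") from None
    if not isinstance(announcement, dict) or not REQUIRED_KEYS.issubset(announcement):
        raise RejectedMessage("announcement is missing expected keys")
    return announcement


def control_ids(announcement):
    """Control IDs such as EC2.23 named in the Description, in order, without duplicates."""
    return list(dict.fromkeys(CONTROL_ID.findall(str(announcement["Description"]))))


# Constructed sample: same envelope fields as the SQS example, with a shortened Description.
SAMPLE_BODY = json.dumps({
    "Type": "Notification",
    "TopicArn": "arn:aws:sns:us-west-2:393883065485:SecurityHubAnnouncements",
    "Message": json.dumps({
        "AnnouncementType": "NEW_STANDARDS_CONTROLS",
        "Title": "[New Controls] constructed sample",
        "Description": "Added Amazon EC2 (EC2.23, EC2.24) and Amazon S3 (S3.13) controls.",
    }),
})

if __name__ == "__main__":
    print(control_ids(parse_announcement(SAMPLE_BODY)))
```

<p>The <span>TopicArn</span> check filters on a field inside the message body; which senders can reach the queue at all is decided by the queue's access policy.</p>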
<p><strong>Note:</strong> You must create the SQS access policy in order for SNS to push messages to the SQS queue. For more information, see Basic examples of Amazon SQS policies.</p>
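<p>One way to build the queue access policy the note refers to, as an added example that is not from the original post: it allows only the Security Hub Announcements topic to send to the queue and enforces the same-Region rule described earlier. The queue ARN, account ID 111122223333, the <span>Sid</span> and the function names are constructed placeholders; the <span>sns.amazonaws.com</span> principal with an <span>aws:SourceArn</span> condition is the standard SNS-to-SQS pattern.</p>

```python
import json

TOPIC_ARN = "arn:aws:sns:us-west-2:393883065485:SecurityHubAnnouncements"  # from this page
QUEUE_ARN = "arn:aws:sqs:us-west-2:111122223333:securityhub-announcements"  # constructed


def parse_arn(arn):
    """Split an ARN into its partition, service, Region, account and resource fields."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError("not an ARN: %r" % (arn,))
    return dict(zip(("partition", "service", "region", "account", "resource"), parts[1:]))


def queue_policy_for_topic(queue_arn, topic_arn):
    """Return an SQS access policy that lets only topic_arn deliver to queue_arn."""
    queue, topic = parse_arn(queue_arn), parse_arn(topic_arn)
    if queue["service"] != "sqs" or topic["service"] != "sns":
        raise ValueError("expected an SQS queue ARN and an SNS topic ARN")
    # The post requires the topic ARN to be in the same Region as the queue.
    if (queue["partition"], queue["region"]) != (topic["partition"], topic["region"]):
        raise ValueError("queue and topic must be in the same partition and Region")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowSecurityHubAnnouncements",
            "Effect": "Allow",
            "Principal": {"Service": "sns.amazonaws.com"},
            "Action": "sqs:SendMessage",
            "Resource": queue_arn,
            # Without this condition any SNS topic could send to the queue.
            "Condition": {"ArnEquals": {"aws:SourceArn": topic_arn}},
        }],
    }


if __name__ == "__main__":
    print(json.dumps(queue_policy_for_topic(QUEUE_ARN, TOPIC_ARN), indent=2))
```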
<h2>Available now</h2>
<p>The SNS topic for Security Hub Announcements is available today in the Regions described in this post. Subscribe to stay informed of Security Hub updates right now. With Amazon SNS, there is no minimum fee, and you pay only for what you use. For more information, see the Amazon SNS pricing page.</p>
<p>If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, contact AWS Support. You can also start a new thread on AWS Security Hub re:Post to get answers from the community.</p>
<p>Want more AWS Security news? Follow us on Twitter.</p>