by John Lukach
I like to use Security Hub CSPM as a security event bus to centralize alerts from multiple accounts and regions to a single location.
First, delegate administration to a new Security Hub account before enabling it in the management account.
Security Hub is notorious for automatically enabling security standards that I prefer to be disabled by default. AWS Config is a dependency for security standards evaluations.
I also shut off the auto-enablement of new security controls.
If you receive any errors, you will likely need to remove the centralized configuration policy and the delegated administrator before re-applying.
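The ordering above, written as an added boto3 example (not the author's own code) that runs with management-account credentials. The account ID is a constructed placeholder, and tolerating only the "already enabled" conflict on `enable_security_hub` is an assumption of this example; any other error is raised so the clean-up described above can be done before re-applying.

```python
# Added example: delegate first, then enable Security Hub with standards
# and automatic control enablement switched off.
DELEGATED_ADMIN_ACCOUNT_ID = "111122223333"  # constructed placeholder

# Assumption: only this conflict is safe to skip on a re-run.
TOLERATED = {"enable_security_hub": "ResourceConflictException"}


def management_account_steps(admin_account_id):
    """Ordered Security Hub API calls, all made from the management account."""
    return [
        # 1. Delegate administration before enabling the hub here.
        ("enable_organization_admin_account", {"AdminAccountId": admin_account_id}),
        # 2. Enable Security Hub without the default security standards.
        ("enable_security_hub", {"EnableDefaultStandards": False}),
        # 3. Do not auto-enable new controls as they are released.
        ("update_security_hub_configuration", {"AutoEnableControls": False}),
    ]


def apply_steps(client, steps):
    """Run each step in order; return (operation, status) pairs."""
    results = []
    for operation, kwargs in steps:
        try:
            getattr(client, operation)(**kwargs)
            results.append((operation, "applied"))
        except Exception as exc:
            # botocore ClientError carries the error code in exc.response.
            code = getattr(exc, "response", {}).get("Error", {}).get("Code")
            if code is None or TOLERATED.get(operation) != code:
                raise  # anything else needs the clean-up before re-applying
            results.append((operation, "already-enabled"))
    return results


def main():
    import boto3  # imported here so the planning functions load without it

    client = boto3.client("securityhub")
    steps = management_account_steps(DELEGATED_ADMIN_ACCOUNT_ID)
    for operation, status in apply_steps(client, steps):
        print(f"{operation}: {status}")


if __name__ == "__main__":
    main()
```
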
tags: aws - security - hub - alerts