Comments (3)
4ndr4s
commented on August 10, 2024
Were you able to figure out ?
from aws-security-hub-cross-account-controls-disabler.
learningpool-jonathan
commented on August 10, 2024
This happens when there are controls on the member account that are not in the admin account and it ends up messing up the syncing.
I added some code to check the control id's match.
`if admin_key == member_key:
# Same security standard
# Create dictionaries to map ControlId to control objects for admin and member controls
admin_controls_dict = {control["ControlId"]: control for control in admin_controls[admin_key]}
member_controls_dict = {control["ControlId"]: control for control in member_controls[member_key]}
for admin_control_id, admin_control in admin_controls_dict.items():
# Check if the admin control exists in the member controls
if admin_control_id in member_controls_dict:
member_control = member_controls_dict[admin_control_id]`
from aws-security-hub-cross-account-controls-disabler.
4ndr4s
commented on August 10, 2024
@learningpool-jonathan how it comes that controls are not the same across different accounts? if you are enabling the same standards controls should be the same across the org, at least per region, there are some controls that are for global resources, for this case I added some logic to evaluate if the control is available in that region. besides being able to enable/disable global controls. as described here
from aws-security-hub-cross-account-controls-disabler.
Related Issues (11)
- AWS Security Hub consolidated controls view HOT 1
- Possibility to control regions in exclusions HOT 1
- multiple regions
- Newly disabled controls not being worked HOT 1
- Unexpected behavior due to addition of controls due to AWS update
- How can i automatically add the members accounts list in dyanamodb table HOT 8
- Pagination error in the UpdateMember Lambda function
- Found a bug in exception loop HOT 2
- Checks no longer disabling HOT 2
- get member function includes disabled AWS accounts HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-security-hub-cross-account-controls-disabler.