Comments (1)
The runbook for this remediation is generated with the code in your screenshot and does not require a runbook in remediation_runbooks.
You will find an SSM automation document called ASR-NIST80053R5_5.0.0_EC2.13. Looking at this document shows that this remediation uses the AWS managed SSM document, AWS-DisablePublicAccessForSecurityGroup, to perform the remediation. This requires no custom scripts in remediation_runbooks/scripts.
I have tested this remediation in us-gov-west-1 and was able to successfully remediate the finding with ASR.
This remediation may be failing for another reason in your account. You can check the SO0111-SHARR-Orchestrator Step Function execution for an error message to further debug.
from automated-security-response-on-aws.
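The debugging step suggested in the comment above, checking the SO0111-SHARR-Orchestrator execution for an error message, sketched in Python. This is an added example, not part of the comment or of the project's code. It reads the event list returned by the Step Functions GetExecutionHistory API and reports each failure with the last state entered; the state names, error and cause in the sample are constructed.

```python
# Step Functions history event types that carry an error, mapped to the
# key that holds their details (names as used by GetExecutionHistory).
FAILURE_DETAILS = {
    "ExecutionFailed": "executionFailedEventDetails",
    "ExecutionTimedOut": "executionTimedOutEventDetails",
    "ExecutionAborted": "executionAbortedEventDetails",
    "TaskFailed": "taskFailedEventDetails",
    "LambdaFunctionFailed": "lambdaFunctionFailedEventDetails",
}


def summarize_failures(events):
    """Return one dict per failure event, tagged with the last state entered."""
    last_state = None
    failures = []
    for ev in sorted(events, key=lambda e: e["id"]):
        etype = ev["type"]
        if etype.endswith("StateEntered"):
            # TaskStateEntered, ChoiceStateEntered, ... all share this key.
            last_state = ev["stateEnteredEventDetails"]["name"]
        elif etype in FAILURE_DETAILS:
            details = ev.get(FAILURE_DETAILS[etype], {})
            failures.append({
                "last_state": last_state,
                "type": etype,
                "error": details.get("error"),
                "cause": details.get("cause"),
            })
    return failures


def fetch_events(execution_arn, region):
    """Page through one execution's history (needs boto3 and AWS credentials)."""
    import boto3  # imported here so the parser above works without it
    sfn = boto3.client("stepfunctions", region_name=region)
    pages = sfn.get_paginator("get_execution_history").paginate(
        executionArn=execution_arn)
    return [ev for page in pages for ev in page["events"]]


# Constructed sample history; state names, error and cause are placeholders.
SAMPLE_EVENTS = [
    {"id": 1, "type": "ExecutionStarted"},
    {"id": 2, "type": "TaskStateEntered",
     "stateEnteredEventDetails": {"name": "ExampleCheckState"}},
    {"id": 3, "type": "TaskStateExited"},
    {"id": 4, "type": "TaskStateEntered",
     "stateEnteredEventDetails": {"name": "ExampleExecState"}},
    {"id": 5, "type": "LambdaFunctionFailed",
     "lambdaFunctionFailedEventDetails": {"error": "ExampleError", "cause": "constructed cause"}},
    {"id": 6, "type": "ExecutionFailed",
     "executionFailedEventDetails": {"error": "ExampleError", "cause": "constructed cause"}},
]
```

Against a real account, pass the ARN of a failed SO0111-SHARR-Orchestrator execution and the Region to `fetch_events` and feed the result to `summarize_failures`.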