implementing-aws-security-hub-compliance
Implementing AWS Security Hub Compliance
When to Use
- When establishing centralized security posture management across multiple AWS accounts
- When compliance requirements demand continuous monitoring against CIS, PCI DSS, or NIST 800-53 standards
- When aggregating findings from GuardDuty, Inspector, Macie, Firewall Manager, and third-party tools
- When building automated remediation workflows triggered by security findings
- When executive stakeholders require a security compliance dashboard across the organization
Do not use for real-time threat detection (use GuardDuty), for vulnerability scanning (use Inspector), or for data classification (use Macie). Security Hub aggregates findings from these services but does not replace them.
Prerequisites
- AWS Organizations with delegated administrator for Security Hub
- IAM permissions for `securityhub:*`, `config:*`, `events:*`, and `lambda:*`
- AWS Config enabled in all target accounts and regions (required by Security Hub)
- CloudFormation StackSets or Terraform for multi-account deployment
- SNS topics configured for alert routing to the security team
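As an added example (not part of this skill or of AWS's own code), the routing step that sits between the findings-triggered workflows and the SNS topics listed above: a Lambda-style handler that takes an EventBridge `Security Hub Findings - Imported` event and decides which topic each ASFF finding goes to from its severity label, compliance status and workflow state. The topic ARNs and the sample event are constructed placeholders.

```python
# Placeholder topic ARNs (constructed); substitute the SNS topics from the prerequisites.
TOPICS = {
    "critical": "arn:aws:sns:us-east-1:111111111111:sechub-critical-PLACEHOLDER",
    "high": "arn:aws:sns:us-east-1:111111111111:sechub-high-PLACEHOLDER",
    "standard": "arn:aws:sns:us-east-1:111111111111:sechub-standard-PLACEHOLDER",
}

def route_finding(finding):
    """Return the topic key for one ASFF finding, or None when it needs no alert."""
    # Archived, resolved or suppressed findings are not actionable
    if finding.get("RecordState") == "ARCHIVED":
        return None
    if finding.get("Workflow", {}).get("Status") in ("RESOLVED", "SUPPRESSED"):
        return None
    # Only standards controls carry Compliance; passing controls are noise.
    # Findings from GuardDuty/Inspector/Macie have no Compliance block and fall through.
    if finding.get("Compliance", {}).get("Status") in ("PASSED", "NOT_AVAILABLE"):
        return None
    label = finding.get("Severity", {}).get("Label", "INFORMATIONAL")
    if label == "CRITICAL":
        return "critical"
    if label == "HIGH":
        return "high"
    if label in ("MEDIUM", "LOW"):
        return "standard"
    return None  # INFORMATIONAL: dashboard only, no alert

def handler(event, context=None):
    """Map every finding in the event to the topic ARN it should be published to."""
    if event.get("detail-type") != "Security Hub Findings - Imported":
        return []
    routed = []
    for f in event.get("detail", {}).get("findings", []):
        key = route_finding(f)
        if key:
            routed.append({"id": f["Id"], "topic": TOPICS[key], "title": f.get("Title")})
    return routed

# Constructed sample event: a failed CIS control, a passing control, and a GuardDuty finding.
SAMPLE_EVENT = {
    "detail-type": "Security Hub Findings - Imported",
    "detail": {"findings": [
        {"Id": "f-1", "Title": "CIS 1.14 root account MFA", "RecordState": "ACTIVE",
         "Severity": {"Label": "CRITICAL"}, "Compliance": {"Status": "FAILED"},
         "Workflow": {"Status": "NEW"}},
        {"Id": "f-2", "Title": "CIS 2.1 CloudTrail enabled", "RecordState": "ACTIVE",
         "Severity": {"Label": "HIGH"}, "Compliance": {"Status": "PASSED"},
         "Workflow": {"Status": "NEW"}},
        {"Id": "f-3", "Title": "UnauthorizedAccess:IAMUser", "RecordState": "ACTIVE",
         "Severity": {"Label": "HIGH"}, "Workflow": {"Status": "NEW"}},
    ]},
}
```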