How can I use or configure Auto Remediation for multiple accounts using AWS ORG?

Hi.
I need to configure Auto Remediation for multiple accounts using AWS Organization.
I will use AWS Config to create multiple rules via the API and share these rules with other accounts, but I don’t know how I can share the auto remediation configuration with the accounts without connecting to them one by one.
Thanks
Wagner

2 Answers

    #461 (votes: 2)

    Hi Wagner,

    I believe that Organization Config Rules do not currently support remediation settings. But you can accomplish what you’re looking for by using CloudFormation or Terraform and deploying the same template to multiple accounts (e.g. template: https://asecure.cloud/a/ar_ssm_ec2_eip_unattached/).

    If you already use CloudFormation StackSets, that would be an easy method to deploy the same template across many accounts at once. Otherwise, you can use a deployment pipeline for Terraform or CloudFormation templates.

    Another option to consider, if your goal is auto-remediation across many accounts in an Organization, is the following pre-packaged solution from AWS, which configures Security Hub and Auto Remediation rules in a multi-account environment: https://aws.amazon.com/solutions/implementations/aws-security-hub-automated-response-and-remediation/

    Hope this helps!

    #462 (votes: 0)

    StackSets would be the way to go if you are a CloudFormation shop, or I would try to script this deployment using the AWS CLI.
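
The StackSets approach suggested in the answers above, sketched as an added example (not taken from the thread or from the linked template): one CloudFormation template that carries both the Config rule and its remediation configuration, deployed with service-managed StackSets so no account has to be connected individually. The unattached Elastic IP case, the stack set name `eip-remediation`, the file name and the OU id `ou-EXAMPLE` are assumptions made for illustration.

```yaml
# Deploy from the Organizations management or delegated admin account, e.g.:
#   aws cloudformation create-stack-set --stack-set-name eip-remediation \
#     --template-body file://eip-remediation.yaml --capabilities CAPABILITY_IAM \
#     --permission-model SERVICE_MANAGED \
#     --auto-deployment Enabled=true,RetainStacksOnAccountRemoval=false
#   aws cloudformation create-stack-instances --stack-set-name eip-remediation \
#     --deployment-targets OrganizationalUnitIds=ou-EXAMPLE --regions us-east-1
# Assumes the AWS Config recorder is already running in every target account.
AWSTemplateFormatVersion: "2010-09-09"
Description: Config rule plus automatic remediation for unattached Elastic IPs
Resources:
  RemediationRole:            # role SSM Automation assumes to run the runbook
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: { Service: ssm.amazonaws.com }
            Action: sts:AssumeRole
      Policies:
        - PolicyName: release-eip
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action: ec2:ReleaseAddress
                Resource: "*"
  EipAttachedRule:            # AWS managed rule: flags EIPs not attached to anything
    Type: AWS::Config::ConfigRule
    Properties:
      ConfigRuleName: eip-attached
      Scope: { ComplianceResourceTypes: [ "AWS::EC2::EIP" ] }
      Source: { Owner: AWS, SourceIdentifier: EIP_ATTACHED }
  EipRemediation:             # ties the rule to the AWS-ReleaseElasticIP runbook
    Type: AWS::Config::RemediationConfiguration
    Properties:
      ConfigRuleName: !Ref EipAttachedRule
      TargetType: SSM_DOCUMENT
      TargetId: AWS-ReleaseElasticIP
      Automatic: true         # set to false to require a manual trigger instead
      MaximumAutomaticAttempts: 3
      RetryAttemptSeconds: 60
      Parameters:
        AutomationAssumeRole:
          StaticValue: { Values: [ !GetAtt RemediationRole.Arn ] }
        AllocationId:
          ResourceValue: { Value: RESOURCE_ID }   # non-compliant EIP's id
```

Service-managed StackSets do not create stack instances in the management account itself, so that account needs the template deployed as an ordinary stack if it should be covered too.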
