README.md
Lines changed: 11 additions & 5 deletions
@@ -48,6 +48,10 @@ v1.0.0.
48
48
<aname="customizing-the-solution"></a>
49
49
# Customizing the Solution
50
50
51
+
**Note**: Customization of AWS Security Hub Automated Response and Remediation is not yet documented. If your goal is just to deploy the solution, please use the template on the [AWS Security Hub Automated Response and Remediation Landing Page](https://aws.amazon.com/solutions/implementations/aws-security-hub-automated-response-and-remediation/). *There is no need to build the solution from source.*
52
+
53
+
If you choose to continue, please be aware that reading and adjusting the source code will be necessary.
54
+
51
55
<aname="prerequisites-for-customization"></a>
52
56
## Prerequisites for Customization
53
57
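Review bot: The added note at new line 51 says customization "is not yet documented", yet it sits directly under the "Customizing the Solution" heading and is followed by a prerequisites section and build steps, so the reader is told both that there is no documentation and to follow it. Suggest wording that says the steps below are incomplete and that the source must be read to fill the gaps, which also lets the separate sentence at new line 53 ("reading and adjusting the source code will be necessary") fold into the note. The emphasis also differs from the other notes this commit adds, which use "**NOTE**" rather than "**Note**"; pick one form.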
@@ -81,6 +85,8 @@ AWS Solutions use two buckets: a bucket for global access to templates, which is
81
85
* One regional bucket for each region where you plan to deploy using the name of the global bucket as the root, and suffixed with the region name. Ex. "mybucket-us-east-1"
82
86
* Your buckets should be encrypted and disallow public access
83
87
88
+
**NOTE**: When creating your buckets, ensure they are not publicly accessible. Use random bucket names. Disable public access. Use KMS encryption. And verify bucket ownership before uploading.
89
+
84
90
**Build the solution**
85
91
86
92
From the *deployment* folder in your cloned repo, run build-s3-dist.sh, passing the root name of your bucket (ex. mybucket) and the version you are building (ex. v1.0.0). We recommend using a semver version based on the version downloaded from GitHub (ex. GitHub: v1.0.0, your build: v1.0.0.mybuild)
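Review bot: "Use random bucket names" in the added NOTE at new line 88 conflicts with the naming rule in the bullet two lines above it, which requires each regional bucket to be the global bucket name suffixed with the region (ex. "mybucket-us-east-1"). Only the root name can be randomized, so say that explicitly, for example "use a hard-to-guess root name for the global bucket". The note also repeats itself and the existing bullet: "ensure they are not publicly accessible" and "Disable public access" are the same instruction, and "Your buckets should be encrypted and disallow public access" already covers both. Finally, "verify bucket ownership before uploading" gives no method; state what to check, such as confirming that the bucket belongs to your own account ID, since a predictable name could already be owned by another account.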
@@ -102,12 +108,12 @@ Confirm that all unit tests pass.
102
108
103
109
**Upload to your buckets**
104
110
105
-
Run upload_s3_dist.sh, passing the name of the region where you want to deploy the solution (ex. us-east-1). Note that this prepares your templates for deployment, but does not do the actual deployment in your account.
106
-
```
107
-
cd ./deployment
108
-
./upload_s3_dist.sh <region>
109
-
```
111
+
**NOTE**: Verify bucket ownership before uploading.
112
+
---
113
+
114
+
By default, the templates created by build-s3-dist.sh expect the software to be stored in **aws-security-hub-automated-response-and-remediation/v\<version\>**. If in doubt, view the template.
110
115
116
+
Use a tool such as the AWS S3 CLI "sync" command to upload your templates to the reference bucket and code to the regional bucket.
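Review bot: The removed lines gave a concrete command ("./upload_s3_dist.sh <region>"), while the replacement at new line 116 only says to use "a tool such as the AWS S3 CLI sync command" with no command, no source directories and no destination layout. Because the templates expect the code under "aws-security-hub-automated-response-and-remediation/v\<version\>", a reader has to guess which build output goes to the reference bucket and which goes to each regional bucket, and a wrong guess produces a deployment that cannot find its code. Suggest showing the sync invocations with the expected prefixes. The prefix also needs a word on the leading "v": the build step's example version is already "v1.0.0", so it is unclear whether the path is "v1.0.0" or "vv1.0.0". The NOTE at new line 111 repeats "Verify bucket ownership before uploading" without saying how, and the "---" on the following line renders as a horizontal rule that separates the note from the text it applies to.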