Automating Findings Identified by AWS Security Hub

30 minutes
  • 5 Learning Objectives

About this Hands-on Lab

This hands-on lab focuses on AWS Security Hub findings and how you can create an automated response to these findings. The automation will be facilitated by EventBridge and SNS.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Enable AWS Security Hub
  • Enable AWS Config first
  • Then, enable AWS Security Hub
Create an SNS Topic

Create an SNS topic for Security Hub findings

  • Subscribe via email to the created topic
  • Navigate to your email and confirm the subscription (You will receive a confirmation email.)
Create an EventBridge Rule
  • Link to an EventBridge event
  • Link to the previously created SNS topic
Create Resources to Generate Findings

Create an EC2 security group

  • Make sure the ingress on port 22 is set to
Verify Automation

Navigate to your email and ensure receipt of Security Hub findings

Additional Resources

Your company is pleased with your initial tests using Security Hub. Your CIO is really excited about the potential of Security Hub and asks if there is a way to send emails of Security Hub findings to the management group. You are tasked with setting up an automation using EventBridge and Simple Notification Service that will allow subscribers to receive emails of Security Hub findings.

Make sure you are using the us-east-1 Region throughout the lab.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?