[AWS::SecurityHub::Standard] - [Enhancement] - increase DisabledStandardsControls max item count #2217

Open
pbudzon opened this issue Dec 18, 2024 · 0 comments
Labels
enhancement New feature or request

pbudzon commented Dec 18, 2024

Name of the resource

AWS::SecurityHub::Standard

Resource name

No response

Description

Since AWS has added a million and one VPC endpoints and shoved them all into the NIST standard in Security Hub, it would be nice if we could actually, programmatically in a controlled way (that is, using IaC) control which of those endpoints actually make sense for our workloads. No sane person will create all 100+ endpoints for every possible service in every VPC they have.

Currently DisabledStandardsControls only allows for 100 items in the list. NIST Special Publication 800-53 Revision 5 standard currently has almost 400 controls in it, making the limit of 100 items very low. This should be increased, so we can have an IaC way of controlling which of the controls we want to keep enabled.

Other Details

No response

@pbudzon pbudzon added the enhancement New feature or request label Dec 18, 2024