Description
Bug reports which fail to provide the required information will be closed without action.
Required Basic Info
- Accelerator Version: 1.5.8-d
- Install Type: Clean
Describe the bug
Activating Security Hub standards (CIS Benchmark 1.4.0 and NIST 800-53) failed on all workload accounts, except core accounts (Security, Operations, ...).
Failure Info
No errors in logs. After adding the Security standards, the SM runs successfully. However, in the workload accounts, the CloudFormation stack "ASEA-Account-Phase3" is not getting updated and the Lambda function '/aws/lambda/ASEA-Account-Phase3-CustomSecurityHubEnableLambdaxxxxx' is not getting invoked when the SM is executed.
The SM was executed twice to enable the standards: the first time without the “controls-to-disable” and the second time with empty “controls-to-disable”.
Required files
SH-additional-standards.json
The full config file will be attached asap.
Steps To Reproduce
- Enable the Security Hub standards CIS Benchmark 1.4.0 and NIST 800-53
Expected behavior
Ensure that the new standards become active on all accounts (Core accounts and members).
Screenshots
Additional context
The same behavior was not reproduced in other test environments running the same version.
The behavior is unusual because the new SH standards are activated only on a specific set of accounts (the core accounts).
We tried to disable one of the active standards (CIS Benchmark 1.2.0); it was deactivated only on the core accounts.