AWS Security Hub is an API Key based integration and does not require the setup of an app.

Required Credentials of a Linked Account

To successfully connect with the AWS Security Hub integration, a Linked Account or an end-user will need to provide the following to connect:

  1. Access Key ID
  2. Secret access key
  3. Region

To understand how a Linked Account can get the above mentioned credentials, refer below.

Getting Credentials of AWS Security Hub

To acquire the required credentials and connect a Linked Account, please follow the steps mentioned below:

  1. Log in to your AWS account with SecurityHub permissions and copy the Region from the URL present before .console.
  2. Click on your Profile in the top right corner and click on Security Credentials.
  1. Scroll down to the Access Keys section and click on Create access key.
  1. Select a Use case > Click on Next and provide a name for the key under Description tag value and click on Create access key.
  2. Copy the Access Key and Secret access key displayed on the screen.

Save your Secret Key as it will be visible only once.

The Linked Account or end-user now have all the credentials required to connect with AWS Security Hub.

Actions and triggers

In Cobalt, you can create orchestrations of your use-cases using AWS Security Hub actions and triggers. Following are the set of AWS Security Hub actions and triggers supported by Cobalt.