AWS Organisational Link - Deployment

Remediation in an AWS Organisation

Requirements

  1. Automate+ Deployed to Management Account

  2. Automate+ Deployed to AWS Central Security Hub Account

Steps

  1. Set up IAM roles

This step uses a CloudFormation stack to create two new roles and update your existing role in the nominated account. We require a few details in order to create the required CloudFormation stack.

At a high level, the required CloudFormation stack does the following:

  • Creates the AWS role "SixPillarAWSCloudFormationStackSetAdministrationRole" and a service-managed StackSet, which creates a role named "SixPillarAWSCloudFormationStackSetExecutionRole" for all Organisational Unit (OU) members.

  • Updates the existing "six-pillars-role" IAM role in the AWS management account.

  2. Deploy StackSets

    Launch a new CloudFormation stack that configures AWS Automated Security Response (ASR) member stacks in the additional AWS accounts that are part of your AWS Organisational Unit (OU).

    We require a few details in order to create two new AWS StackSets in your AWS account. Once you have provided the required details, click "Deploy StackSets" to start the process. This will take some time to complete, depending on the number of accounts and regions you select. Also note that this is an automated process and you will not be able to monitor the progress of the deployment. However, you can check the CloudFormation StackSets in the AWS console.

    New StackSets:

    StackSet 1: ASR IAM roles required by each Auto Remediation Playbook

    StackSet 2: ASR Auto Remediation Playbooks
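
Because the deployment reports no progress, one way to confirm that both StackSets reached every account and region is to classify the output of `aws cloudformation list-stack-instances`. The following is an added example, not Automate+ or Six Pillars code; `<stack-set-name>` is a placeholder, and the account IDs, regions and failure reason are constructed sample data.

```python
import json

# Constructed sample in the shape returned by
#   aws cloudformation list-stack-instances --stack-set-name <stack-set-name>
# Account IDs, regions and the failure reason are invented for illustration.
SAMPLE = json.loads("""
{"Summaries": [
  {"Account": "111111111111", "Region": "ap-southeast-2", "Status": "CURRENT",
   "StackInstanceStatus": {"DetailedStatus": "SUCCEEDED"}},
  {"Account": "111111111111", "Region": "us-east-1", "Status": "OUTDATED",
   "StackInstanceStatus": {"DetailedStatus": "RUNNING"}},
  {"Account": "222222222222", "Region": "ap-southeast-2", "Status": "OUTDATED",
   "StackInstanceStatus": {"DetailedStatus": "FAILED"},
   "StatusReason": "constructed example failure reason"},
  {"Account": "222222222222", "Region": "us-east-1", "Status": "CURRENT",
   "StackInstanceStatus": {"DetailedStatus": "SUCCEEDED"}}
]}
""")


def coverage_report(response, expected_accounts, expected_regions):
    """Classify every expected (account, region) pair for one StackSet.

    Returns (pending, failed, missing): still deploying, finished but not
    healthy, and pairs with no stack instance at all (no remediation there).
    """
    seen = {}
    for s in response.get("Summaries", []):
        detailed = s.get("StackInstanceStatus", {}).get("DetailedStatus", "UNKNOWN")
        seen[(s["Account"], s["Region"])] = (s.get("Status"), detailed,
                                             s.get("StatusReason", ""))
    pending, failed, missing = [], [], []
    for key in sorted((a, r) for a in expected_accounts for r in expected_regions):
        if key not in seen:
            missing.append(key)
            continue
        status, detailed, reason = seen[key]
        if detailed in ("PENDING", "RUNNING"):
            pending.append(key)
        elif not (status == "CURRENT" and detailed == "SUCCEEDED"):
            failed.append(key + (detailed, reason))
    return pending, failed, missing


if __name__ == "__main__":
    accounts = ["111111111111", "222222222222", "333333333333"]  # assumed OU members
    regions = ["ap-southeast-2", "us-east-1"]                    # assumed regions
    for label, rows in zip(("pending", "failed", "missing"),
                           coverage_report(SAMPLE, accounts, regions)):
        print(label, rows)
```

Run it once per StackSet; any pair reported as missing is an account and region where the playbooks or their IAM roles were never deployed.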