Posts about Dendron / Docs as Code / DevOps / Linux / AWS / PowerShell / Python / Automating All The Things. Opinions expressed are my own, not those of my employer.
Wow, awesome recommendations. I have looked at Pacu, heard of Macie, but never knew about Zelkova! Definitely going to take a look.
I'll make the correction about Security Hub. I seem to have misunderstood it to be something more like a suite that included AWS Config, when it's really a viewer of aggregated findings from other services.
EDIT / UPDATE: I didn't know that Zelkova worked as part of the underlying tech for the PUBLIC / not public display labels that eventually appeared within the AWS console in viewing S3, and relevant AWS Config rules. Thanks for the links!
Just to clarify when you turn on Security Hub is creates a handful of AWS Config rules for you based on the CIS baseline recommendation. So it does automate the creation of some AWS Config rules for you though just distinguishing that those compliance checks are from AWS Config and not Security Hub.
Posts about Dendron / Docs as Code / DevOps / Linux / AWS / PowerShell / Python / Automating All The Things. Opinions expressed are my own, not those of my employer.
Wow, awesome recommendations. I have looked at Pacu, heard of Macie, but never knew about Zelkova! Definitely going to take a look.
I'll make the correction about Security Hub. I seem to have misunderstood it to be something more like a suite that included AWS Config, when it's really a viewer of aggregated findings from other services.
EDIT / UPDATE: I didn't know that Zelkova worked as part of the underlying tech for the PUBLIC / not public display labels that eventually appeared within the AWS console in viewing S3, and relevant AWS Config rules. Thanks for the links!
Just to clarify when you turn on Security Hub is creates a handful of AWS Config rules for you based on the CIS baseline recommendation. So it does automate the creation of some AWS Config rules for you though just distinguishing that those compliance checks are from AWS Config and not Security Hub.
Ah! Okay, that makes more sense