Enabling new controls in enabled standards automatically
AWS Security Hub regularly adds new controls to standards. You can choose whether to automatically enable new controls in your enabled standards. If you do not automatically
enable new controls, then you must enable them manually. See Enabling and disabling controls in all standards.
Security Hub doesn't enable new controls when they are added to a standard that you disabled.
Choose your preferred access method, and follow the steps to automatically enable new controls in enabled standards.
- Security Hub console
-
- Security Hub API
-
Run UpdateSecurityHubConfiguration
.
To automatically enable new
controls for enabled standards, set AutoEnableControls
to true
. If you don't want to automatically enable
new controls, set AutoEnableControls
to false.
- AWS CLI
-
Run the update-security-hub-configuration
command.
To automatically enable new
controls for enabled standards, specify --auto-enable-controls
. If you don't want to automatically enable new
controls, specify --no-auto-enable-controls
.
aws securityhub update-security-hub-configuration --auto-enable-controls | --no-auto-enable-controls
Example command
aws securityhub update-security-hub-configuration --auto-enable-controls