prowler/terraform-kickstarter
Geoff Singer 21694f866e Update:
- removed the branch checkout
- moved all the commands to the install phase
per comments by w0rmr1d3r
2021-09-02 09:28:22 -05:00

Install Security Baseline Kickstarter with Prowler

Introduction

The following demonstrates how to quickly install the resources necessary to run a security baseline assessment with Prowler. The speed comes from a prebuilt Terraform module that configures everything needed to run Prowler on a schedule and send its findings to AWS Security Hub.

Install

Installing Prowler with Terraform is simple and can be completed in under 1 minute.

  • Start AWS CloudShell

  • Run the following commands to clone the forked Prowler repo, check out the terraform-kickstarter branch, and install Terraform

    # Clone the fork and switch to the branch that carries the Terraform module
    # (a fresh clone already fetches every remote branch, so no separate fetch is needed)
    git clone https://github.com/singergs/prowler.git
    cd prowler
    git checkout -t origin/terraform-kickstarter
    # Install Terraform from the HashiCorp RPM repository (CloudShell runs Amazon Linux)
    sudo yum install -y yum-utils
    sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo
    sudo yum -y install terraform
    # Move into the module directory before running terraform
    cd terraform-kickstarter

  • Issue a terraform init

  • Issue a terraform plan and review the resources it proposes (the list under Terraform Resources below), then issue a terraform apply

    (screenshot: Prowler install)

    • It is likely that the apply will return an error related to the Security Hub product subscription. This appears to be Terraform related, and you can validate the configuration by navigating to the Security Hub console: click Integrations and search for Prowler. Take note of the green check next to "Accepting findings". If the apply stopped part-way, compare what Terraform recorded in state (terraform state list) with what exists in the account before re-running the apply.

    (screenshot: Prowler subscription)

That's it! The install is now complete. The resources include a CloudWatch Events rule that triggers the CodeBuild project daily at 00:00 UTC, and an S3 bucket (with public access blocked) that stores the reports. If you'd like to run an assessment right after the deployment, navigate to the CodeBuild console and start a build manually.

Terraform Resources

Resources
  aws_cloudwatch_event_rule.prowler_check_scheduler_event
  aws_cloudwatch_event_target.run_prowler_scan
  aws_codebuild_project.prowler_codebuild
  aws_iam_policy.prowler_event_trigger_policy
  aws_iam_policy.prowler_kickstarter_iam_policy
  aws_iam_policy_attachment.prowler_event_trigger_policy_attach
  aws_iam_policy_attachment.prowler_kickstarter_iam_policy_attach
  aws_iam_role.prowler_event_trigger_role
  aws_iam_role.prowler_kick_start_role
  aws_s3_bucket.prowler_report_storage_bucket
  aws_s3_bucket_policy.prowler_report_storage_bucket_policy
  aws_s3_bucket_public_access_block.prowler_report_storage_bucket_block_public
  aws_securityhub_account.securityhub_resource
  aws_securityhub_product_subscription.security_hub_enable_prowler_findings

Data sources
  aws_caller_identity.current
  aws_iam_policy.SecurityAudit
  aws_region.current
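
The install steps and the resource list above leave the reader to confirm the result by hand in the console. The script below is an added example, not code from the prowler repo or the terraform-kickstarter module. It checks the three things the install depends on (the Security Hub product subscription for Prowler, the CloudWatch Events schedule, and the public-access block on the report bucket) by parsing AWS CLI JSON, so the checks can be exercised offline; in --live mode it runs the real CLI calls and can also start the first CodeBuild build. Assumptions, marked in the code: the shape of the product-subscription ARN, the cron expression the module uses for 00:00 UTC, and the RULE_NAME / BUCKET / PROJECT values, which you read from terraform state show of the resources listed above.

```shell
#!/usr/bin/env bash
# Added example: post-install checks for the Prowler Terraform kickstarter.
# Not part of the prowler repo or the terraform-kickstarter module.
# The check functions read AWS CLI JSON on stdin so they can be exercised
# offline; `--live` runs them against the account CloudShell is signed in to.
set -u

# Assumption: Security Hub lists an enabled product as a product-subscription ARN of the form
#   arn:aws:securityhub:<region>:<account-id>:product-subscription/prowler/prowler
# stdin: JSON from `aws securityhub list-enabled-products-for-import`; $1: region.
subscription_enabled() {
  grep -Eq "arn:aws:securityhub:$1:[0-9]*:product-subscription/prowler/prowler"
}

# stdin: JSON from `aws events describe-rule --name <rule>`; $1: expected ScheduleExpression.
schedule_matches() {
  local actual
  actual=$(sed -n 's/.*"ScheduleExpression": *"\([^"]*\)".*/\1/p')
  [ "$actual" = "$1" ]
}

# stdin: JSON from `aws s3api get-public-access-block --bucket <bucket>`.
# Succeeds only when all four settings are true; a single false leaves a route to public reports.
bucket_blocks_public_access() {
  local n
  n=$(grep -Eo '"(BlockPublicAcls|IgnorePublicAcls|BlockPublicPolicy|RestrictPublicBuckets)": *true' | wc -l | tr -d ' ')
  [ "$n" -eq 4 ]
}

# "Daily at 00:00 GMT" in EventBridge cron syntax (assumption: the module uses exactly this expression).
DAILY_MIDNIGHT_UTC='cron(0 0 * * ? *)'

if [ "${1:-}" = "--live" ]; then
  # Placeholder names: read the real ones with `terraform state show <address>`.
  RULE_NAME="${RULE_NAME:?set RULE_NAME to the aws_cloudwatch_event_rule name}"
  BUCKET="${BUCKET:?set BUCKET to the aws_s3_bucket name}"
  PROJECT="${PROJECT:?set PROJECT to the aws_codebuild_project name}"
  region="${AWS_REGION:-$(aws configure get region)}"

  if aws securityhub list-enabled-products-for-import --output json | subscription_enabled "$region"; then
    echo "OK   Security Hub is accepting Prowler findings in $region"
  else
    echo "FAIL Prowler product subscription not enabled in $region (check Integrations in the console)"
  fi

  if aws events describe-rule --name "$RULE_NAME" --output json | schedule_matches "$DAILY_MIDNIGHT_UTC"; then
    echo "OK   $RULE_NAME fires on $DAILY_MIDNIGHT_UTC"
  else
    echo "FAIL $RULE_NAME schedule is not $DAILY_MIDNIGHT_UTC"
  fi

  if aws s3api get-public-access-block --bucket "$BUCKET" --output json | bucket_blocks_public_access; then
    echo "OK   $BUCKET blocks all public access"
  else
    echo "FAIL $BUCKET does not block all public access"
  fi

  # Start an assessment now instead of waiting for the 00:00 UTC trigger.
  if [ "${START_BUILD:-0}" = "1" ]; then
    aws codebuild start-build --project-name "$PROJECT" --output json
  fi
fi
```

Run it from CloudShell after the apply as `RULE_NAME=... BUCKET=... PROJECT=... bash check-prowler-install.sh --live`; add `START_BUILD=1` to kick off the first assessment in the same step. The functions deliberately parse with grep and sed rather than jq so the same checks drop into a CodeBuild buildspec or any minimal image without extra tooling.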

Kickoff Prowler Assessment

(demo recording: from install to assessment)