Enable AWS Security Hub with CloudFormation Templates


The CloudFormation documentation for Security Hub is very limited. I wonder if it is possible to do the following in CloudFormation:

  1. Enable Security Hub in specified accounts or all accounts for an organization. There’s a sample script to automate enabling Security Hub for multiple accounts but no CloudFormation implementation can be found: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-enable.html#securityhub-enable-multiaccount-script
  2. Enable finding aggregation. It seems you can enable finding aggregation using the console, CLI or API: https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation-enable.html
  3. Specify Delegated Administrator by account id

There is 1 best solution below

Marcin On

Yes, you can do all these things through a custom resource in CloudFormation in the form of a Lambda function.
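
The custom-resource approach from the answer, as an added example that is not part of the original answer: a Python Lambda handler that enables Security Hub, registers the delegated administrator and creates a finding aggregator through the Security Hub API, then reports back to CloudFormation. The property names `AdminAccountId` and `AggregateAllRegions` and the physical ID `securityhub-setup` are assumptions, and the stack is assumed to be deployed in an account and Region where each requested call is permitted.

```python
import json
import urllib.request


def configure_security_hub(request_type, props, hub):
    """Map one custom-resource request onto Security Hub API calls."""
    if request_type == "Delete":
        return {}  # leave Security Hub enabled so findings are not lost
    try:
        hub.enable_security_hub(EnableDefaultStandards=True)
    except hub.exceptions.ResourceConflictException:
        pass  # already enabled in this account and Region
    if request_type != "Create":
        return {}  # admin and aggregator are treated as create-only here
    data = {}
    admin_id = props.get("AdminAccountId")  # assumed property name
    if admin_id:
        # Only succeeds from the organization management account.
        hub.enable_organization_admin_account(AdminAccountId=admin_id)
        data["AdminAccountId"] = admin_id
    if props.get("AggregateAllRegions") == "true":  # assumed property name
        # Run in the administrator account, in the aggregation Region.
        resp = hub.create_finding_aggregator(RegionLinkingMode="ALL_REGIONS")
        data["FindingAggregatorArn"] = resp["FindingAggregatorArn"]
    return data


def send_response(event, status, data, reason=""):
    """PUT the result to the pre-signed URL CloudFormation is waiting on."""
    body = json.dumps({
        "Status": status,
        "Reason": reason,
        "PhysicalResourceId": event.get("PhysicalResourceId", "securityhub-setup"),
        **{k: event[k] for k in ("StackId", "RequestId", "LogicalResourceId")},
        "Data": data,
    }).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req, timeout=10)


def handler(event, context):
    import boto3  # shipped with the Lambda Python runtime
    try:
        data = configure_security_hub(event["RequestType"],
                                      event["ResourceProperties"],
                                      boto3.client("securityhub"))
        send_response(event, "SUCCESS", data)
    except Exception as exc:  # always reply, or the stack waits for a timeout
        send_response(event, "FAILED", {}, reason=str(exc))
```

The Lambda execution role needs only the Security Hub (and, for the administrator call, Organizations) permissions for the calls it actually makes, and CloudFormation passes custom-resource property values as strings, which is why the flag is compared to `"true"`.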