{"slug":"iam-aws-securityhub","cloud":"aws","service":"securityhub","title":"AWS Security Hub (IAM)","description":"AWS Security Hub is a cloud security posture management service that performs security best practice checks, aggregates alerts, and enables automated remediation.","category":"security","common_permissions":["securityhub:DescribeHub","securityhub:GetFindings","securityhub:GetInsights","securityhub:ListMembers","securityhub:UpdateFindings","securityhub:GetInsightResults","securityhub:ListInvitations","securityhub:TagResource"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"securityhub:DescribeHub\",\n        \"securityhub:GetFindings\",\n        \"securityhub:GetInsights\",\n        \"securityhub:ListMembers\",\n        \"securityhub:UpdateFindings\",\n        \"securityhub:GetInsightResults\",\n        \"securityhub:ListInvitations\",\n        \"securityhub:TagResource\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid securityhub:* — grants full control including hub deletion and member management","Avoid securityhub:DeleteMembers and securityhub:DeleteInsight — can break security aggregation and monitoring"],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/securityhub/securityhub.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:49:42.270Z","updated_at":"2026-06-14T04:49:42.270Z"}