How to set up a recurring Security Hub summary email?

Question

I have this recurring Security Hub email setup in all my accounts and they have been working great. I followed the directions from this AWS Security blog post-
https://aws.amazon.com/blogs/security/how-to-set-up-a-recurring-security-hub-summary-email/

Just this past weekend I got a notification that AWS is going end of support for Node.js 12 runtime. After some tracking down, I found out that this function which sends the email is using Node.js 12.

I am not a developer and cannot recreate this in Node.js 16, as is required by the AWS warning email.

Since this is from AWS employees, will someone be updating this so that it doesnt go unsupported (maintenance and patching will end) by the AWS Lambda team?

Answer

hello @Jairov,

That you for posting this question.  We will update the runtime and push an update to the github repo that contains the sample code.

The good news is the emails are not at risk of ceasing to deliver because of this issue.  The solution creates two lambda functions when deployed: CustomInsightsFunction (Node.js) and SendSecurityHubSummaryEmail (Python).  The CustomInsightsFunction (Node.js) is a Lambda function that is a [custom resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-custom-resources-lambda.html) of the CloudFormation Deployment and only runs when the stack is created, updated, or deleted.  Its purpose is to setup the Security Hub Custom Insights that are the data source of the email, not to send the email, and once setup the custom insights do not need modification.

Kavita and I are investigating the easiest way to update the runtime and will post the answer here and in the [GitHub repository](https://github.com/aws-samples/aws-security-hub-summary-email).

Thanks,
-Justin

How to set up a recurring Security Hub summary email?

Relevant content