Get started with AWS Security Hub integration

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Activate and set up the AWS Security Hub findings integration for Security Operation plug-in to interface with your ServiceNow® instance and Security Incident Response product.

    Avant de commencer

    Role required: sn_si.admin

    Before you can use the AWS Security Hub integration, you must download it from the ServiceNow Store.

    Pourquoi et quand exécuter cette tâche

    Review the following setup checklist and verify that you’ve completed all the tasks for a smooth integration.

    Tableau 1. Checklist
    Assign and verify the required ServiceNow® platform and Security Incident Response roles. The following roles are required for configuration and verification of the expected results:
    • The admin role installs the integration from the ServiceNow Store and assigns the sn_si.admin role.
    • The sn_si.admin role performs the following tasks:
      • Configures the integration.
      • Creates incident profiles.
      • Maps the AWS Security Hub finding data fields to the security incident fields.
      • Schedules on-going incident ingestion.
      • Enables incident updates when a Security Incident Response incident is created or closed.
    Assign the AWS Security Hub required roles. The following roles are required in AWS Security Hub to register and configure your application:
    • SecurityHubReadOnlyAccess
    • SecurityHubFullAccess
    Review the AWS Security Hub integration settings Navigate to All > AWS Security Hub findings integration > AWS Security Hub Findings Integration Settings.

    Review or modify the properties settings according to your requirement.
    Configure your application in the AWS portal. Register your application in the AWS portal and grant your users with read and write access to the application.

    Refer to the following topics for more information: