
Decommission Remediation for AWS

To decommission the ZCSPM remediation framework for AWS security policies:

    1. Log into the ZCSPM Admin Portal as a License Admin.
    2. Select a license and cloud account using the drop-down menus.
    3. Navigate to Configurations > Security Policies.
    4. Select the Cloud Account level tab.
    5. Select Remediation Available from the filter menu.
    6. Disable policies for remediation.
    7. Click Save.

    1. Log into the ZCSPM Admin Portal as a License Admin.
    2. Select a license and cloud account using the drop-down menus.
    3. Select the Configure icon, then click Configure Account Remediation.
    4. Disable the Remediation State.
    5. Click Save.
  • Delete the ZCSPM remediation framework deployment bucket on your AWS console:

    1. Log into the AWS Console.
    2. Search for a deployment bucket that has the name cn-rem-env-acc_sha and includes the following tag names and values:
      • aws:cloudformation:stack-name: cn-rem-env-acc_sha
      • aws:cloudformation:logical-id: S3Bucket
      • Description: ZCSPM automatic remediation solution for making cloud resource compliant
      • aws:cloudformation:stack-id: arn:aws:cloudformation:us-west-1:<AWSAccountID>:stack/cn-rem-env-acc_sha
      • ServiceName: auto-remediation-deployment-bucket
    3. Delete the deployment bucket.
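
A pre-deletion check for steps 2 and 3 above, as an added example that is not part of the ZCSPM documentation or the Cloudneeti repository: it confirms that a bucket's name and tags match the listed values before you delete it. The function names, the sample account ID, and the tolerance for any region or a trailing ID in the stack-id are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not ZCSPM or Cloudneeti code): verify the step 2 tags
# on a bucket before deleting it in step 3.
TAB=$(printf '\t')

# tag_value TAGS KEY: print the value of KEY from "Key<TAB>Value" lines.
tag_value() {
  printf '%s\n' "$1" | awk -F"$TAB" -v k="$2" '$1 == k { print $2; exit }'
}

# is_deployment_bucket NAME TAGS: succeed only if every listed tag matches.
is_deployment_bucket() {
  b_name=$1; b_tags=$2
  case $b_name in cn-rem-*) ;; *) return 1 ;; esac
  [ "$(tag_value "$b_tags" 'aws:cloudformation:stack-name')" = "$b_name" ] || return 1
  [ "$(tag_value "$b_tags" 'aws:cloudformation:logical-id')" = 'S3Bucket' ] || return 1
  [ "$(tag_value "$b_tags" 'ServiceName')" = 'auto-remediation-deployment-bucket' ] || return 1
  [ "$(tag_value "$b_tags" 'Description')" = \
    'ZCSPM automatic remediation solution for making cloud resource compliant' ] || return 1
  # Assumption: the region and a trailing "/<id>" after the stack name may vary.
  case $(tag_value "$b_tags" 'aws:cloudformation:stack-id') in
    arn:aws:cloudformation:*:stack/"$b_name" | \
    arn:aws:cloudformation:*:stack/"$b_name"/*) ;;
    *) return 1 ;;
  esac
}

# check_bucket NAME: fetch the live tags (needs s3:GetBucketTagging) and test them.
check_bucket() {
  c_tags=$(aws s3api get-bucket-tagging --bucket "$1" \
             --query 'TagSet[].[Key,Value]' --output text) || return 2
  is_deployment_bucket "$1" "$c_tags"
}

# Constructed sample (placeholder account ID), shaped like the CLI text output.
SAMPLE_NAME='cn-rem-env-acc_sha'
SAMPLE_TAGS=$(printf '%s\t%s\n' \
  'aws:cloudformation:stack-name' 'cn-rem-env-acc_sha' \
  'aws:cloudformation:logical-id' 'S3Bucket' \
  'Description' 'ZCSPM automatic remediation solution for making cloud resource compliant' \
  'aws:cloudformation:stack-id' 'arn:aws:cloudformation:us-west-1:111122223333:stack/cn-rem-env-acc_sha' \
  'ServiceName' 'auto-remediation-deployment-bucket')

is_deployment_bucket "$SAMPLE_NAME" "$SAMPLE_TAGS" && echo "sample: tags match"
```

In CloudShell, call `check_bucket` with the candidate bucket name and delete the bucket only when it returns 0; a return of 2 means the tags could not be read.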
  • If you have set up multi-account remediation, you need to remove the multi-account remediation configuration before you decommission the remediation framework:

    1. Log in to the AWS console as an Account Admin and select the CloudShell icon.
    2. Clone the AWS remediation framework from GitHub using the following command:
    git clone https://github.com/Cloudneeti/aws-auto-remediation
    3. Go to the remediation framework repository using the following command:
    cd aws-auto-remediation/multi-mode-remediation
    4. Remove the multi-account remediation configuration using the following command:
    bash decommission-multi-mode-remediation.sh -a <AWS-account-id> -p <primary-deployment-region> -e <ZCSPM-environment-prefix> -s <list-of-secondary-deployment-regions>
    • (-a) Account Id: Enter the 12-digit AWS Account ID of the account where you want the multi-account remediation framework to be decommissioned.
    • (-p) Primary AWS Region where the main framework needs to be deployed.
    • (-e) Environment Prefix: Enter any suitable prefix for your deployment.
    • (-s) Secondary AWS Regions: List of regions where auto remediation needs to be enabled in the programmatic format (e.g., us-east-1). Enter ‘all’ for all regions deployment or ‘na’ if you do not want to configure auto remediation in other regions.

    To decommission the remediation framework:

    1. Log in to the AWS console as an Account Admin and select the CloudShell icon.
    2. Clone the AWS remediation framework from GitHub using the following command:
    git clone https://github.com/Cloudneeti/aws-auto-remediation
    3. Go to the remediation framework repository using the following command:
    cd aws-auto-remediation
    4. Decommission the remediation framework in the AWS account using the following command:
    bash decommission-remediation-framework.sh -a <AWS-account-id> -p <primary-deployment-region> -e <ZCSPM-environment-prefix> -s <list-of-secondary-deployment-regions>
    • (-a) Account Id: Enter the 12-digit AWS Account ID of the account where you want the multi-account remediation framework to be decommissioned.
    • (-p) Primary AWS Region where the main framework needs to be deployed.
    • (-e) Environment Prefix: Enter any suitable prefix for your deployment.
    • (-s) Secondary AWS Regions: List of regions where auto remediation needs to be enabled in the programmatic format (e.g., us-east-1). Enter ‘all’ for all regions deployment or ‘na’ if you do not want to configure auto remediation in other regions.