From bb724cd7783ae3e645cbbb4468b367fc5095cb53 Mon Sep 17 00:00:00 2001
From: nozaq <code@nozaq.com>
Date: Sat, 3 Dec 2022 09:56:19 +0900
Subject: [PATCH] feat: enable CIS benchmark v1.4.0 standard (#308)

---
 modules/securityhub-baseline/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/securityhub-baseline/main.tf b/modules/securityhub-baseline/main.tf
index c929047b..bb87b7e6 100644
--- a/modules/securityhub-baseline/main.tf
+++ b/modules/securityhub-baseline/main.tf
@@ -43,7 +43,7 @@ resource "aws_securityhub_invite_accepter" "invitee" {
 resource "aws_securityhub_standards_subscription" "cis" {
   count = var.enable_cis_standard ? 1 : 0
 
-  standards_arn = "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"
+  standards_arn = "arn:aws:securityhub:${data.aws_region.current.name}::standards/cis-aws-foundations-benchmark/v/1.4.0"
 
   depends_on = [aws_securityhub_account.main]
 }