add Security Hub data collection (#199)

* Initial Security Hub Module created

* moved to deploy

* update to data-collection - added securityhub

* added securityhub description in the table

* added kinesis and Event bridge details

* fixed template URL

* KinesisfirehoseRole fixed

* added SecurityHub details in Readme

* removed step function

* removed stepfunction reference

* remove  import ClientError

* renamed module to securityhub

* add sh to test

* fix errors in sh

* fix permissions

* upgrade lambda runtime

* minor changes

* fix lint

* use table

* refactoring params and add test

* sechub-backfill

* fixed a few things on security hub backfill

* move sh to standalone

* move sh to standalone

* minor refactoring and add parameter titles

* add a custom resource to trigger the backfill

* refactor backfill

* fix security permissions

* Update module-securityhub.yaml

* Fix the issue with ReplicationPolicy (#205)

Changed "Resource" arn in "ReplicationPolicy" for "ReplicationRole" to "arn:${AWS::Partition}:s3:::${DestinationBucketPrefix}${SendDataToAccountID}-security-hub/${CFDataName}/*"

---------

Co-authored-by: Iakov GAN <[email protected]>

* add option and security checks

* add some comments

* refactor transformation lambda

* align backfill with data transformation

* add imports

* revert

* revert

* bump version

* fix difference in low/upper case tags

* add linter

* add new lines

* Make a better backfill

* AppSec recommendation to add ExpectedBucketOwner condition (#306)

https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-owner-condition.html

---------

Co-authored-by: yashbindlish <[email protected]>
Co-authored-by: Yash Bindlish <[email protected]>
Co-authored-by: samegarg <[email protected]>
Co-authored-by: Pablo Pagani <[email protected]>

Author: 5 people