Today, AWS announces expanded AWS CloudFormation support for AWS Security Hub, which allows you to use CloudFormation to deploy Security Hub and manage its standards and controls. Using the updated AWS::SecurityHub::Hub resource, you can now enable Security Hub, decide if it should be provisioned with default standards (the AWS Foundational Security Best Practices and CIS Foundations Benchmark version 1.2), and opt into its Consolidated Control Findings capability. You can also use the new AWS::SecurityHub::Standard resource to enable specific security standards such as NIST 800-53 or PCI DSS and manage individual controls in them. This expanded integration is available in all AWS Regions where Security Hub and CloudFormation are available.
Source:: Amazon AWS