1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
By default config recording is not turned on in the Master Account (root). A quick glance at the link you provided highlights some of them are prior to organization features which have been introduced for SecurityHub and IAM Access Analyzer. This feature will allow you to delegate these services to another account as noted in the here for SecurityHub and here for IAM Access Analyzer.
So one option is to enable Config on the Master Account although it is better to delegate these services to an account outside of the Master Account. If you delegate these services and also enable organizations for SecurityHub any new account vended via Control Tower will be added.
beantwortet vor 2 Jahren
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren