1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
The second aggregator is intended to catch accounts not managed by Control Tower and rules outside of Control Tower Guardrails.
The AWS Control Tower management account creates an organization-level aggregator, which assists in detecting external AWS Config rules, so that AWS Control Tower does not need to gain access to unmanaged accounts. The AWS Control Tower console shows you how many externally created AWS Config rules you have for a given account, and links you to the AWS Config console, where you can view details about those external rules.
répondu il y a un an
Contenus pertinents
- demandé il y a un mois
- demandé il y a 6 mois
- demandé il y a un an
- demandé il y a 9 mois
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a un an
Hi, Why the aws-controltower-ConfigAggregatorForOrganization aggregator is not created in Audit account as well? Due to AWS best practices for the management account: Use the management account only for tasks that require the management account.