- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
Hey! I would say it depends on what you want to get out of the Security Hub integration. You CAN use "central configuration" which will enable you to deploy controls across multiple accounts easier. However, you can ONLY deploy controls through Control Tower. They will be part of the stndard and collected in the dashboard, but you can't enable or disable controls in Security Hub.
Or you can keep "central configuration" off. You would need to deploy in each account, but than you can enable "auto-enrollment" which will deploy standard controls in new ac accounts. If you choose this method you can use Security Hub to enable controls, and use various other features provided through "central configuration".
NOTE: The documentation says: Central configuration can't be used TO MANAGE Service-Managed Standard: AWS Control Tower. If you use central configuration, you can use ONLY the AWS Control Tower service to*** enable and disable ***controls in this standard for a centrally managed account.
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa