Have security group related config rule at organisation level

0

The issue is that our accounts are in a Control Tower environment, and in Control Tower there are no options to add Config rules other than the predefined ones; among those predefined ones there is none for security groups. How can we enable more Config rules at the organization level, e.g. a security group verification rule?

I have the option to enable this at the per-account level but not at the aggregator level, but there are hundreds of accounts and it is not feasible to do this one by one for each account.

2 Answers
0

Hello,

AWS Config is something that you are looking for & you might want to consider. Read through the link below for all the details & necessary information.

Link: https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_manage-rules.html [1]

AWS
SUPPORT ENGINEER
answered 2 years ago
  • Hi Chirag, the issue is that our accounts are in a Control Tower environment, and in Control Tower there are no options to add Config rules other than the predefined ones; among those predefined ones there is none for security groups. How can we enable more Config rules at the organisation level, e.g. security group verification rules?

    I have the option to enable this at the per-account level but not at the aggregator level, but there are hundreds of accounts and it is not feasible to do this one by one for each account.

0

You can implement custom AWS Config rules to cover use cases that are specific to your organization. However, these controls are not implemented as AWS Control Tower controls. Instead, these controls are implemented as custom AWS Config rules outside of AWS Control Tower. And since you are managing hundreds of accounts, AWS Config Conformance Packs may work for your case.

https://docs.aws.amazon.com/config/latest/developerguide/conformance-packs.html

https://aws.amazon.com/blogs/mt/extend-aws-control-tower-governance-using-aws-config-conformance-packs/

JED007
answered a year ago
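
The conformance pack approach from the answer above, as an added example that is not part of either answer and is not AWS's own sample: a minimal organization conformance pack template carrying three AWS managed security group rules, with the deployment command in the header comment. The pack name, file name, rule names and blocked ports are assumptions chosen for illustration.

```yaml
# sg-baseline-pack.yaml (hypothetical file name)
#
# Deploy once from the organization's management account (or a delegated
# administrator account for AWS Config); the pack is then created in
# every member account:
#
#   aws configservice put-organization-conformance-pack \
#     --organization-conformance-pack-name sg-baseline \
#     --template-body file://sg-baseline-pack.yaml
#
# Assumption: AWS Config recording is already enabled in the member
# accounts, since the rules only evaluate resources Config is recording.
Resources:
  RestrictedSsh:
    Type: AWS::Config::ConfigRule
    Properties:
      ConfigRuleName: sg-restricted-ssh
      Description: Security groups must not allow unrestricted inbound SSH.
      Scope:
        ComplianceResourceTypes:
          - AWS::EC2::SecurityGroup
      Source:
        Owner: AWS
        SourceIdentifier: INCOMING_SSH_DISABLED
  RestrictedCommonPorts:
    Type: AWS::Config::ConfigRule
    Properties:
      ConfigRuleName: sg-restricted-common-ports
      Description: Security groups must not allow unrestricted inbound traffic on the listed ports.
      InputParameters:
        blockedPort1: '3389'   # constructed sample values
        blockedPort2: '3306'
      Scope:
        ComplianceResourceTypes:
          - AWS::EC2::SecurityGroup
      Source:
        Owner: AWS
        SourceIdentifier: RESTRICTED_INCOMING_TRAFFIC
  DefaultSecurityGroupClosed:
    Type: AWS::Config::ConfigRule
    Properties:
      ConfigRuleName: sg-default-closed
      Description: The default security group of each VPC must allow no traffic.
      Scope:
        ComplianceResourceTypes:
          - AWS::EC2::SecurityGroup
      Source:
        Owner: AWS
        SourceIdentifier: VPC_DEFAULT_SECURITY_GROUP_CLOSED
```

Deployment status per member account can then be checked with `aws configservice get-organization-conformance-pack-detailed-status --organization-conformance-pack-name sg-baseline`.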
