1 Answer
You should create a Security account and then from the organization main account enable Security Hub on that account, and then delegate the security account as the Admin. Then if you leverage organization that will automatically enroll the main account and allow you to leverage AWS organizations integration features as well with Security Hub. If you just set up a security account, and enabled Security Hub there, that's likely why you're seeing this.
I guess I didn't realize that if I delegate and specify the account ID of the Security Account, that I also had to enable Security Hub on the organization main account. I thought it was either/or: either enable Security Hub here OR delegate it, but apparently it's both. I enabled it now on the main account and now I can add it as a Member in the Security Account. On the main account it also shows the Security Hub dashboard, but when looking at Settings->Accounts, it says this account is managed by 'the Security account'. So that seems fine then, thanks!
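
The sequence this thread arrives at, written as AWS CLI calls. This is an added example, not part of the original posts: the profile names and account ID are constructed placeholders, and it assumes Security Hub is already enabled in the security account. The auto-enable and verification calls go slightly beyond what the thread covers.

```shell
#!/usr/bin/env bash
# Added example: Security Hub delegated-admin setup for an AWS Organization.
# Profile names and the account ID below are constructed placeholders.
MGMT_PROFILE="${MGMT_PROFILE:-org-management}"    # hypothetical profile: management account
SEC_PROFILE="${SEC_PROFILE:-security-account}"    # hypothetical profile: security account
SEC_ACCOUNT_ID="${SEC_ACCOUNT_ID:-111122223333}"  # constructed account ID
DRY_RUN="${DRY_RUN:-1}"                           # 1 = print the commands, 0 = execute

# Print the command in dry-run mode, otherwise execute it.
run() {
  if [ "$DRY_RUN" = "1" ]; then
    echo "$*"
  else
    "$@"
  fi
}

# Steps that need management-account credentials.
management_steps() {
  # Enable Security Hub in the management account itself; delegation alone
  # left this account unable to be added as a member in the thread above.
  run aws securityhub enable-security-hub --profile "$MGMT_PROFILE" &&
  # Designate the security account as the Security Hub delegated administrator.
  run aws securityhub enable-organization-admin-account \
    --admin-account-id "$SEC_ACCOUNT_ID" --profile "$MGMT_PROFILE" &&
  # Check: the security account ID should be listed as the admin.
  run aws securityhub list-organization-admin-accounts --profile "$MGMT_PROFILE"
}

# Steps that need security-account (delegated admin) credentials.
security_steps() {
  # Turn on Security Hub automatically for accounts that join the organization.
  run aws securityhub update-organization-configuration --auto-enable \
    --profile "$SEC_PROFILE" &&
  # Check: member accounts associated with this administrator account.
  run aws securityhub list-members --profile "$SEC_PROFILE"
}

# "plan" prints every command; "apply" executes them in order.
case "${1:-}" in
  plan)  DRY_RUN=1; management_steps; security_steps ;;
  apply) DRY_RUN=0; management_steps && security_steps ;;
esac
```

Run it with `plan` first to review the exact commands and profiles before using `apply`.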