- 最新
- 投票最多
- 评论最多
Hey! I would say it depends on what you want to get out of the Security Hub integration. You CAN use "central configuration" which will enable you to deploy controls across multiple accounts easier. However, you can ONLY deploy controls through Control Tower. They will be part of the stndard and collected in the dashboard, but you can't enable or disable controls in Security Hub.
Or you can keep "central configuration" off. You would need to deploy in each account, but than you can enable "auto-enrollment" which will deploy standard controls in new ac accounts. If you choose this method you can use Security Hub to enable controls, and use various other features provided through "central configuration".
NOTE: The documentation says: Central configuration can't be used TO MANAGE Service-Managed Standard: AWS Control Tower. If you use central configuration, you can use ONLY the AWS Control Tower service to*** enable and disable ***controls in this standard for a centrally managed account.
相关内容
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前