- 最新
- 最多得票
- 最多評論
Hey! I would say it depends on what you want to get out of the Security Hub integration. You CAN use "central configuration" which will enable you to deploy controls across multiple accounts easier. However, you can ONLY deploy controls through Control Tower. They will be part of the stndard and collected in the dashboard, but you can't enable or disable controls in Security Hub.
Or you can keep "central configuration" off. You would need to deploy in each account, but than you can enable "auto-enrollment" which will deploy standard controls in new ac accounts. If you choose this method you can use Security Hub to enable controls, and use various other features provided through "central configuration".
NOTE: The documentation says: Central configuration can't be used TO MANAGE Service-Managed Standard: AWS Control Tower. If you use central configuration, you can use ONLY the AWS Control Tower service to*** enable and disable ***controls in this standard for a centrally managed account.
相關內容
- 已提問 6 個月前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前