Whats are the steps required for customer to enable Security Hub while setting up multi account

0

Hi,

My customer is working on going multi account and they want to disable Security Hub on their payer account and move to a centralized Security account. Whats the things to watch for / steps to be taken to get this going?

Thanks!

已提問 2 個月前檢視次數 127 次
2 個答案
1
已接受的答案

When moving from a single account Security hub to a multi account, the recommendation would be to Integrate Security hub with AWS Organizations. This would help automate and streamline the management of accounts. You can integrate with Organizations if you have more than one AWS account that uses Security Hub.

The two ways to enable AWS Security Hub is by integrating with AWS Organizations or manually.

  1. AWS Organizations: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html#securityhub-orgs-setup-overview
  2. Manually: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-settingup.html#securityhub-manual-setup-overview

In case you customer is choosing the manual route they can disable Security Hub from Payer account and enable it in the Security account. Please note the following before disabling The following occurs when you disable Security Hub for an account:

  1. No new findings are process for the account.
  2. After 90 days, your existing findings and insights and any Security Hub configuration settings are deleted and cannot be recovered.
  3. If you want to save your existing findings, you must export them before you disable Security Hub. For more information, see Effect of account actions on Security Hub data.Any enabled standards and controls are disabled. https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-disable.html
Ramya
已回答 2 個月前
profile picture
專家
已審閱 2 個月前
0

Great! Thanks Ramya

已回答 2 個月前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南