1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
The second aggregator is intended to catch accounts not managed by Control Tower and rules outside of Control Tower Guardrails.
The AWS Control Tower management account creates an organization-level aggregator, which assists in detecting external AWS Config rules, so that AWS Control Tower does not need to gain access to unmanaged accounts. The AWS Control Tower console shows you how many externally created AWS Config rules you have for a given account, and links you to the AWS Config console, where you can view details about those external rules.
beantwortet vor einem Jahr
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 4 Jahren
- AWS OFFICIALAktualisiert vor einem Jahr
Hi, Why the aws-controltower-ConfigAggregatorForOrganization aggregator is not created in Audit account as well? Due to AWS best practices for the management account: Use the management account only for tasks that require the management account.