2 Antworten
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
1
I have been seeing this issue as well. At re:Invent this year I had many discussions around this and am working with an SA to demonstrate the problem. The SH Check Lags behind Control Tower protect that setting on Config in all regions that are not your primary/home. The alternative I am looking at currently is to globally disable the check with a description using this solution: https://github.com/aws-samples/aws-security-hub-cross-account-controls-disabler
Let me know if you have any questions on that. I have successfully deployed it and testing CIS checks currently.
beantwortet vor einem Jahr
0
Thanks, good to know that I'm not seeing things. The global enabler/disabler solution is interesting but I wish the SH team would make this a feature of delegated management.
beantwortet vor einem Jahr
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 10 Monaten