1 Risposta
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
The second aggregator is intended to catch accounts not managed by Control Tower and rules outside of Control Tower Guardrails.
The AWS Control Tower management account creates an organization-level aggregator, which assists in detecting external AWS Config rules, so that AWS Control Tower does not need to gain access to unmanaged accounts. The AWS Control Tower console shows you how many externally created AWS Config rules you have for a given account, and links you to the AWS Config console, where you can view details about those external rules.
con risposta un anno fa
Contenuto pertinente
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata un anno fa
Hi, Why the aws-controltower-ConfigAggregatorForOrganization aggregator is not created in Audit account as well? Due to AWS best practices for the management account: Use the management account only for tasks that require the management account.