2개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
1
I have been seeing this issue as well. At re:Invent this year I had many discussions around this and am working with an SA to demonstrate the problem. The SH Check Lags behind Control Tower protect that setting on Config in all regions that are not your primary/home. The alternative I am looking at currently is to globally disable the check with a description using this solution: https://github.com/aws-samples/aws-security-hub-cross-account-controls-disabler
Let me know if you have any questions on that. I have successfully deployed it and testing CIS checks currently.
답변함 일 년 전
0
Thanks, good to know that I'm not seeing things. The global enabler/disabler solution is interesting but I wish the SH team would make this a feature of delegated management.
답변함 일 년 전
관련 콘텐츠
- AWS 공식업데이트됨 2년 전
- AWS 공식업데이트됨 일 년 전
- AWS 공식업데이트됨 2년 전