To configure central configuration for Security Hub in an AWS Organization, the SysOps administrator must ensure it’s set up centrally.
Options:
A.
Enable Security Hub in the organization's management account. Configure Security Hub central configuration.
B.
Enable Security Hub in the organization's management account. Configure and integrate AWS Trusted Advisor. Configure Security Hub from an opt-in Region.
C.
Delegate an AWS account that is not the organization's management account as the Security Hub administrator. Configure Security Hub central configuration.
D.
Delegate an AWS account that is not the organization's management account as the Security Hub administrator. Configure and integrate AWS Trusted Advisor. Configure Security Hub from an opt-in Region.
To centrally manage Security Hub across an organization, AWS allows you to delegate a member account as the Security Hub administrator. This enables centralized configuration and security insights without directly using the management account, which is a best practice.
Delegating a Non-Management Account: AWS recommends using a designated Security Hub administrator account (different from the management account) for central security configurations.
Security Hub Central Configuration: Configuring Security Hub in this manner ensures that security findings from all member accounts are consolidated and manageable from the designated administrator account.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit