AWS Control Tower now includes an organization-level aggregator, which assists in detecting external AWS Config rules. This will provide you with visibility in the AWS Control Tower console to see externally created AWS Config rules in addition to those AWS Config rules created by AWS Control Tower. The use of the aggregator enables AWS Control Tower to detect this information and provide a link to the AWS Config console without the need for AWS Control Tower to gain access to unmanaged accounts.

Categories: AWS