简体繁体 English

AWS GuardDuty 邀请

[英]AWS GuardDuty invitation

原文 2019-11-02 01:23:01 1 1 amazon-web-services/ amazon-guardduty

Do I need to enable GuardDuty in the "monitored" account before receiving the invitation?在收到邀请之前，我是否需要在“受监控”帐户中启用 GuardDuty？

I am trying to figure out whether or not the admin of the monitored account will be able to receive the invitation at all if the service is not enabled.我试图弄清楚如果服务未启用，受监控帐户的管理员是否能够收到邀请。

1 个解决方案

An member account joining a master account is done at the account level, not at the region level, and thus the member account will receive the invitation, regardless of the region(s) it is using services in.加入主账户的成员账户是在账户级别完成的，而不是在区域级别完成的，因此成员账户将收到邀请，无论它在哪个区域使用服务。

Regardless of the region an account is operating in, you should give serious consideration to enabling GuardDuty in all regions, even if you are not using a region.无论帐户在哪个区域运行，您都应该认真考虑在所有区域启用 GuardDuty，即使您没有使用某个区域。 As per the AWS documentation here , best practice is to enable GuardDuty in all regions:根据此处的 AWS 文档，最佳实践是在所有区域启用 GuardDuty：

It is highly recommended that you enable GuardDuty in all supported AWS regions.强烈建议您在所有受支持的 AWS 区域中启用 GuardDuty。 This allows GuardDuty to generate findings about unauthorized or unusual activity even in regions that you are not actively using.这允许 GuardDuty 生成有关未经授权或异常活动的调查结果，即使在您未积极使用的区域中也是如此。 This also allows GuardDuty to monitor AWS CloudTrail events for global AWS services such as IAM.这还允许 GuardDuty 监控全球 AWS 服务（例如 IAM）的 AWS CloudTrail 事件。 If GuardDuty is not enabled in all supported regions, its ability to detect activity that involves global services is reduced.如果未在所有受支持的区域中启用 GuardDuty，则其检测涉及全球服务的活动的能力会降低。