A company has 10 accounts that are part of an organization in AWS Organizations. AWS Config is configured in each account. All accounts belong to either the Prod OU or the NonProd OU.
The company has set up an Amazon EventBridge rule in each AWS account to notify an Amazon Simple Notification Service (Amazon SNS) topic when an Amazon EC2 security group inbound rule is created with 0.0.0.0/0 as the source. The company’s security team is subscribed to the SNS topic.
For all accounts in the NonProd OU, the security team needs to remove the ability to create a security group inbound rule that includes 0.0.0.0/0 as the source.
Which solution will meet this requirement with the LEAST operational overhead?
masetromain
Highly Voted 2 years, 2 months agomasetromain
2 years, 2 months agoMikelH93
1 year, 10 months agomifune
11 months, 1 week agob3llman
1 year, 7 months agoaokaddaoc
1 year, 4 months agoMaria2023
Highly Voted 1 year, 9 months agotgv
2 months agob3llman
1 year, 7 months agodqwsmwwvtgxwkvgcvc
1 year, 7 months agovn_thanhtung
1 year, 7 months agovn_thanhtung
1 year, 7 months agolongns
1 year, 6 months agoMalcnorth59
10 months, 1 week agotgv
Most Recent 2 months agoTorTo
2 months agoaltonh
2 months, 3 weeks agogrumpysloth
3 months, 2 weeks agochipimbiri
4 months agosashenka
6 months agoattila9778
3 months, 3 weeks agoamministrazione
7 months ago[Removed]
7 months agoMAZIADI
7 months, 3 weeks agoasquared16
8 months, 3 weeks agodzidis
9 months agoteo2157
10 months agoMalcnorth59
10 months, 1 week agosse69
10 months, 3 weeks agoSmart
11 months, 1 week ago