amazon-web-services aws-config aws-security-hub

Security Hub reporting 'AWS Config should be enabled'


While reviewing Security Hub findings, I'm seeing the finding 'AWS Config should be enabled' even though AWS Config is already enabled. The finding description mentions the region, and I've verified that AWS Config is already enabled for that particular region. What might be the reason it's still showing up in Security Hub?


Solution

  • Could be several things:

    • misconfigured or incorrect rule
    • propagation delay
    • if using an AWS Config aggregator, ensure it's set up correctly
    • if you have multiple accounts in AWS Org, make sure Config is enabled across all relevant accounts and not just the master
    • In addition to enabling Config, it should also be set up to monitor all resources.
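
A way to check the last point for the region named in the finding, as an added example that is not part of the original answer: the function below reads the JSON printed by `aws configservice describe-configuration-recorders` and `aws configservice describe-configuration-recorder-status` and lists why a recorder that exists may still not be recording everything. The sample documents, account ID and role name are constructed, and `recorder_gaps` is a hypothetical helper name.

```python
import json

# Constructed sample output of:
#   aws configservice describe-configuration-recorders --region <region>
RECORDERS_JSON = """
{"ConfigurationRecorders": [
  {"name": "default",
   "roleARN": "arn:aws:iam::111122223333:role/config-role",
   "recordingGroup": {"allSupported": false,
                      "resourceTypes": ["AWS::EC2::Instance"]}}]}
"""

# Constructed sample output of:
#   aws configservice describe-configuration-recorder-status --region <region>
STATUS_JSON = """
{"ConfigurationRecordersStatus": [
  {"name": "default", "recording": true, "lastStatus": "SUCCESS"}]}
"""


def recorder_gaps(recorders_doc, status_doc):
    """Return reasons the recorder in one region may not be fully enabled."""
    recorders = recorders_doc.get("ConfigurationRecorders", [])
    if not recorders:
        return ["no configuration recorder exists in this region"]
    status = {s["name"]: s
              for s in status_doc.get("ConfigurationRecordersStatus", [])}
    gaps = []
    for rec in recorders:
        name = rec["name"]
        st = status.get(name, {})
        # A recorder can exist (Config looks "enabled") while being stopped.
        if not st.get("recording", False):
            gaps.append(f"{name}: recorder exists but is stopped")
        # The last delivery attempt failed, e.g. role or bucket permissions.
        if str(st.get("lastStatus", "")).upper() == "FAILURE":
            gaps.append(f"{name}: last recording status is FAILURE")
        # Recording a hand-picked subset is not "monitoring all resources".
        group = rec.get("recordingGroup", {})
        if not group.get("allSupported", False):
            kinds = ", ".join(group.get("resourceTypes", [])) or "none listed"
            gaps.append(f"{name}: records only selected resource types ({kinds})")
    return gaps


if __name__ == "__main__":
    for gap in recorder_gaps(json.loads(RECORDERS_JSON), json.loads(STATUS_JSON)):
        print("GAP:", gap)
```

Run it once per account and region that Security Hub reports on, feeding it the two CLI outputs for that account.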