Andy
Just curious, but is there a best practice for AWS Config to manage it in an account from a parent AWS account? We would want a parent account where our security folks would work to be able to control the Config configuration for a child account(s) and receive the Config compliance data for the child account(s). We would ideally also like the Lambda functions that fire when Config rules are violated to run out of the parent account and not the child account(s).