🔶 AWS Config
- Tracks the configuration state of AWS resources and how it changes over time, enabling auditing, compliance checks, and change tracking.
- Detects non-compliant configurations, such as unrestricted SSH access in security groups, public S3 buckets, or misconfigured ALB settings.
Key Features
- Configuration recording: Captures the current state and changes for supported resources.
- Compliance evaluation: Compares resources against predefined or custom rules.
- Notifications: Sends SNS alerts when changes or compliance violations occur.
- Aggregation: Can centralize data across multiple regions and accounts.
- Storage and analysis: Saves configuration history to S3, where it can be queried using Athena.
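The compliance evaluation feature above, sketched for the unrestricted-SSH case as an added example (not part of the original notes and not AWS-provided code). The configuration items are constructed samples, and their field names are an assumption modeled on the items AWS Config records for security groups.

```python
import ipaddress

# Constructed sample configuration items (not real account data). Field names are
# an assumed AWS::EC2::SecurityGroup item shape; confirm against your recorded items.
SAMPLE_ITEMS = [
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-open-example",
     "configuration": {"ipPermissions": [
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
          "ipv4Ranges": [{"cidrIp": "0.0.0.0/0"}], "ipv6Ranges": []}]}},
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-range-example",
     "configuration": {"ipPermissions": [
         {"ipProtocol": "tcp", "fromPort": 0, "toPort": 1024,
          "ipv4Ranges": [], "ipv6Ranges": [{"cidrIpv6": "::/0"}]}]}},
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-all-example",
     "configuration": {"ipPermissions": [
         {"ipProtocol": "-1", "ipv4Ranges": [{"cidrIp": "0.0.0.0/0"}]}]}},
    {"resourceType": "AWS::EC2::SecurityGroup", "resourceId": "sg-corp-example",
     "configuration": {"ipPermissions": [
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
          "ipv4Ranges": [{"cidrIp": "10.0.0.0/8"}]}]}},
    {"resourceType": "AWS::S3::Bucket", "resourceId": "bucket-example", "configuration": {}},
]

def _covers_ssh(perm):
    """True if the rule's protocol and port range include TCP/22."""
    proto = perm.get("ipProtocol")
    if proto == "-1":  # all protocols, all ports (no port fields present)
        return True
    if proto not in ("tcp", "6"):
        return False
    lo, hi = perm.get("fromPort"), perm.get("toPort")
    return lo is not None and hi is not None and lo <= 22 <= hi

def _open_to_world(perm):
    """True if any source CIDR is the whole IPv4 or IPv6 address space."""
    cidrs = [r.get("cidrIp") for r in perm.get("ipv4Ranges", [])]
    cidrs += [r.get("cidrIpv6") for r in perm.get("ipv6Ranges", [])]
    return any(c and ipaddress.ip_network(c, strict=False).prefixlen == 0 for c in cidrs)

def evaluate(item):
    """Return a Config-style compliance value for one configuration item."""
    if item.get("resourceType") != "AWS::EC2::SecurityGroup":
        return "NOT_APPLICABLE"
    perms = (item.get("configuration") or {}).get("ipPermissions", [])
    bad = any(_covers_ssh(p) and _open_to_world(p) for p in perms)
    return "NON_COMPLIANT" if bad else "COMPLIANT"

def evaluate_all(items=SAMPLE_ITEMS):
    return {i["resourceId"]: evaluate(i) for i in items}
```

The port-range and all-protocols samples are the cases a check that only matches `fromPort == 22` would miss.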
Common Use Cases
- Security audits for misconfigurations.
- Change tracking to identify who changed what and when.
- Compliance reporting for standards like PCI DSS, HIPAA, or CIS Benchmarks.
🔷 AWS Config Rules
🔷 AWS Config – Resource Details
🔷 AWS Config – Remediations
🔷 AWS Config – Notifications
🔷 CloudWatch vs CloudTrail vs AWS Config