AWS Config – Notifications
- Integrates with Amazon EventBridge to trigger real-time notifications when resources become non-compliant or undergo configuration changes.
Notification Capabilities:
- Reports:
  - Configuration changes
  - Compliance state changes
- Can route events to:
  - Amazon SNS – send alerts to email, SMS, or other systems
  - Amazon SQS – queue events for processing
  - AWS Lambda – trigger automated remediation or workflows
Filtering:
- All events can be published to SNS.
- Filtering can be applied via SNS message filtering or handled client-side in subscribers.
Example:
- A security group is marked NON_COMPLIANT.
- AWS Config sends an event to EventBridge.
- EventBridge triggers a Lambda function or SNS notification to alert the administrator.
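The flow in the example above, as an added sketch that is not part of the original notes: an EventBridge rule pattern for AWS Config compliance-change events and the Lambda handler logic that turns a matching event into an alert. The sample event is constructed, and the account number, rule name and security group ID are placeholders.

```python
# EventBridge rule pattern: only NON_COMPLIANT security-group evaluations.
EVENT_PATTERN = {
    "source": ["aws.config"],
    "detail-type": ["Config Rules Compliance Change"],
    "detail": {
        "resourceType": ["AWS::EC2::SecurityGroup"],
        "newEvaluationResult": {"complianceType": ["NON_COMPLIANT"]},
    },
}

# Constructed sample event (placeholder account, rule name and group id).
SAMPLE_EVENT = {
    "source": "aws.config",
    "detail-type": "Config Rules Compliance Change",
    "account": "111122223333",
    "region": "us-east-1",
    "detail": {
        "resourceType": "AWS::EC2::SecurityGroup",
        "resourceId": "sg-0example",
        "configRuleName": "example-sg-rule",
        "oldEvaluationResult": {"complianceType": "COMPLIANT"},
        "newEvaluationResult": {"complianceType": "NON_COMPLIANT"},
    },
}

def build_alert(event):
    """Return an alert dict for a NON_COMPLIANT security group, else None."""
    detail = event.get("detail") or {}
    new = (detail.get("newEvaluationResult") or {}).get("complianceType")
    # oldEvaluationResult may be missing (e.g. no earlier evaluation).
    old = (detail.get("oldEvaluationResult") or {}).get("complianceType")
    # Re-check in code so a loosened rule pattern cannot cause false alerts.
    if (event.get("source") != "aws.config"
            or event.get("detail-type") != "Config Rules Compliance Change"
            or detail.get("resourceType") != "AWS::EC2::SecurityGroup"
            or new != "NON_COMPLIANT"):
        return None
    return {
        "subject": f"NON_COMPLIANT: {detail.get('resourceId')}",
        "rule": detail.get("configRuleName"),
        "account": event.get("account"),
        "region": event.get("region"),
        "previous_state": old or "not previously evaluated",
    }

def lambda_handler(event, context):
    # A deployed function would publish the alert to SNS; here it is returned.
    return build_alert(event)
```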