AWS Config

  • A detailed view of the configuration of AWS resources (EC2, EBS, security group, VPC, etc.)
  • A complete list of supported services is available in AWS documentation

With AWS Config you can:

  • Evaluate resource configurations for desired settings
  • Get a snapshot of the current configurations associated with your account
  • Retrieve configurations of resources in your account
  • Retrieve past configurations
  • Receive notifications for creations, deletions, and modifications
  • View relationships between resources (e.g., members of a security group)

Uses of AWS Config

  • Administering resources
    • Receive a notification when a resource violates configuration rules
  • Auditing and compliance
    • Records of configurations are sometimes needed for audits
  • Configuration management and troubleshooting
    • Configuration changes on one resource might affect others
    • Can help find these issues quickly and restore last known good configuration
  • Security analysis
    • Allows for records of IAM policies
    • For example, what permissions a user had at the time of an issue
      • Allows for records of security group configurations