Posted On: Sep 6, 2016
AWS Config continuously records configuration changes to resources in your AWS account and provides you a history of how your resources were configured in the past. On the Config timeline for resources recorded by AWS Config, you can now view associated API events tracked by AWS CloudTrail. The API events contain relevant details such as the name of the API, user identity of the caller, and the time at which the API call was made. You can use this information to correlate the API calls that may have resulted in the configuration changes recorded by AWS Config.
For example, you can navigate to the Config timeline for an EC2 instance in your account and view the API events associated with the EC2 instance to determine the user identity of the caller who may have created or modified the instance. You can then navigate to the CloudTrail console to view additional details such as the IP address of the caller. Similarly, from the CloudTrail console you can navigate to the Config timeline of other resources referenced in API call to view the configuration changes for those resources.