Posted On: Feb 21, 2017
AWS Config Rules now supports seven new managed rules, which are predefined rules that AWS Config uses to evaluate whether your AWS resources comply with common best practices.
The following managed rules are now supported:
- ec2-instance-detailed-monitoring-enabled
  Checks whether detailed monitoring is enabled for EC2 instances.
- ec2-managedinstance-inventory-blacklisted
  Checks whether instances managed by Amazon EC2 Systems Manager are configured to collect blacklisted inventory types.
- ec2-volume-inuse-check
  Checks whether EBS volumes are attached to EC2 instances. Optionally checks if EBS volumes are marked for deletion when an instance is terminated.
- acm-certificate-expiration-check
  Checks whether ACM Certificates in your account are marked for expiration within the specified number of days. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.
- iam-user-group-membership-check
  Checks whether IAM users are members of at least one IAM group.
- iam-user-no-policies-check
  Checks that none of your IAM users have policies attached. IAM users must inherit permissions from IAM groups or roles.
- s3-bucket-ssl-requests-only
  Checks whether S3 buckets have policies that require requests to use Secure Socket Layer (SSL).
Visit our product page for more information on AWS Config.