Posted On: Apr 29, 2022

AWS Audit Manager now lets you use custom rules from AWS Config as data sources for custom controls in Audit Manager. Audit Manager users could already map AWS Config managed rules to controls; they can now also map their existing custom Config rules and have the compliance results of those rules reported directly as control evidence. To use this feature, AWS Config must be enabled in the account and Region being assessed, through whichever setup method you prefer (console, CLI, or CloudFormation).

This feature lets IT security, compliance, and operations engineers reuse the AWS Config rules they authored for compliance monitoring to also monitor audit readiness. AWS Config users can use predefined managed rules or build custom rules (for example, Lambda-backed rules) to continuously evaluate the configuration state of their resources. The same rule evaluations that support security analysis, resource change tracking, and troubleshooting in AWS Config can now be collected as compliance checks for audit purposes: the evaluation results of custom Config rules are sent to Audit Manager and included in audit reports.

Audit Manager supports five data sources for evidence collection: automated evidence from AWS CloudTrail logs, resource configuration snapshots gathered through direct API calls, compliance checks from AWS Config, compliance checks from AWS Security Hub, and manual evidence uploaded by customers to satisfy a control. With this release, existing AWS Config users can expand their use of Audit Manager by collecting additional compliance checks from their custom Config rules. The workflow is as follows: an Audit Manager assessment is created from a prebuilt or custom framework; a custom framework is built from custom controls; and each custom control specifies one or more data sources. Custom rules that exist in the customer's AWS Config account now appear in the data source drop-down list in Audit Manager and can be selected as the data source of a custom control, so a custom Config rule is mapped to a custom control as its data source. Edits to or deletion of a rule in AWS Config are reflected in Audit Manager as well, so a control whose rule has been renamed or deleted should be reviewed rather than assumed to still collect evidence; this keeps compliance, security, and operations teams looking at the same rule definitions.
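The mapping described above can also be done from the AWS CLI, which the announcement lists as a way to get started. The following script is an added example, not code from the announcement or from AWS. The custom rule name `s3-bucket-logging-required`, the control name, and the Region are assumptions chosen for illustration; the `Custom_` prefix on the keyword value follows the format the Audit Manager API reference documents for custom Config rules in the `SourceKeyword` type (managed rules use their ALL_CAPS rule identifier instead). The script only calls AWS when `RUN_AWS=1` is set, so it can be run offline to inspect the generated request body.

```shell
#!/bin/sh
# Added example: map a custom AWS Config rule to an Audit Manager custom
# control with the AWS CLI. RULE_NAME, CONTROL_NAME and REGION are
# hypothetical values, not taken from the announcement.
set -eu

RULE_NAME="${RULE_NAME:-s3-bucket-logging-required}"   # hypothetical custom Config rule
CONTROL_NAME="${CONTROL_NAME:-Custom S3 access logging}" # hypothetical control name
REGION="${AWS_REGION:-us-east-1}"

# Audit Manager identifies a custom Config rule by its name with a
# "Custom_" prefix (per the Audit Manager SourceKeyword documentation).
config_rule_keyword() {
  printf 'Custom_%s' "$1"
}

# Build the controlMappingSources document passed to create-control.
# sourceSetUpOption=System_Controls_Mapping plus sourceType=AWS_Config tells
# Audit Manager to collect the rule's compliance results automatically.
control_mapping_sources() {
  rule="$1"
  keyword="$(config_rule_keyword "$rule")"
  cat <<EOF
[{"sourceName":"Config rule ${rule}",
  "sourceDescription":"Compliance results of custom AWS Config rule ${rule}",
  "sourceSetUpOption":"System_Controls_Mapping",
  "sourceType":"AWS_Config",
  "sourceKeyword":{"keywordInputType":"SELECT_FROM_LIST","keywordValue":"${keyword}"},
  "sourceFrequency":"DAILY"}]
EOF
}

if [ "${RUN_AWS:-0}" = "1" ]; then
  # Confirm the rule exists in this account/Region before mapping it: Audit
  # Manager can only collect evidence for rules AWS Config already evaluates.
  # A custom rule reports Source.Owner of CUSTOM_LAMBDA (or CUSTOM_POLICY),
  # whereas a managed rule reports AWS.
  aws configservice describe-config-rules --region "$REGION" \
      --config-rule-names "$RULE_NAME" \
      --query 'ConfigRules[0].Source.Owner' --output text

  # Create the custom control with the Config rule as its only data source.
  aws auditmanager create-control --region "$REGION" \
      --name "$CONTROL_NAME" \
      --description "Evidence from custom AWS Config rule ${RULE_NAME}" \
      --testing-information "Review AWS Config evaluation results for ${RULE_NAME}" \
      --control-mapping-sources "$(control_mapping_sources "$RULE_NAME")"
else
  # Offline mode: print the request body that would be sent.
  control_mapping_sources "$RULE_NAME"
fi
```

The control returned by `create-control` can then be added to a custom framework with `create-assessment-framework`, and the framework used to create an assessment. If the Config rule is later renamed or deleted, the `keywordValue` stored on the control no longer matches a rule that AWS Config evaluates, so check the control's data sources after such changes rather than assuming evidence is still being collected.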

This feature uses standard AWS Audit Manager pricing and is available in all Regions where AWS Audit Manager is available: US East (Ohio), US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (London).

Learn more about the AWS Config integration on the AWS Audit Manager feature page and in the documentation. Get started today from the AWS Audit Manager console, the AWS Command Line Interface, or the APIs.