Posted On: Nov 26, 2023

AWS Config introduces a new natural language querying feature powered by generative AI, which simplifies the investigation and search of AWS resource configurations and compliance metadata. Now, you can ask questions in plain language such as "display all EC2 instances with the security group sg-ef678hk" or "show me all non-compliant S3 buckets in my organization." AWS Config will generate the equivalent advanced query written in SQL syntax, which customers can then run as-is, or fine-tune for even more granularity.

This feature empowers non-coders to independently and effectively query resource configurations, reducing the dependence on specialized teams for query creation and expediting data exploration for experts. As a result, exploration of configuration and compliance data in AWS Config becomes faster and simpler, accelerating incident investigations, and facilitating prompt remediations of non-complaint resources. For example, if Amazon Inspector flagged a potential vulnerability in a specific EC2 image, now you can search through resource configurations, explore inventory, and check compliance status without the need to learn complex SQL queries or understanding resource configuration specifics.

This feature is now available in preview in AWS US East (N. Virginia) and AWS US West (Oregon) Regions at no additional cost. To learn more and get started, please refer to the documentation.