Category: AWS Config

The AWS Config rules feature enables you to define in code the desired configuration of your AWS resources. For example, you can check that your Amazon S3 buckets are not publicly accessible or that your instances are associated with a security group. While Config offers a set of prebuilt (managed) rules that represent common best […]

To help customers rapidly prototype, develop, and deploy their custom AWS Config rules at scale, AWS introduces a new version of the AWS Config Rule Development Kit (RDK). The RDK is a command-line utility designed to help you to shorten your security and compliance feedback cycles when using Config. It helps you build a continuous […]

Recently, AWS Config announced support for Auto Scaling groups. You can now track configuration changes in Auto Scaling groups, such as minimum, maximum, and desired capacities, termination policies, scaling policies, subnets, and instance protection settings. You can also use a new managed AWS Config rule to check whether the Auto Scaling groups associated with your […]

Recently, AWS Config announced support for Classic Load Balancer in all public regions and AWS GovCloud (US). You can now start tracking the current and historical configurations of your Classic Load Balancers, and get notified via Amazon SNS when your configurations change. You can also use three new managed AWS Config rules to verify whether your […]

It’s been another exciting year for AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. We have expanded our regional availability, added support for new resource types, introduced new managed Config rules, and introduced a dashboard view of your resource configuration and compliance. In this post, […]

Recently, AWS Config released a Rule Development Kit (RDK) that greatly simplifies your custom rule authoring experience. The RDK is an open-source tool that helps you set up AWS Config, author rules, and then test them using a variety of AWS resource types. This allows you to focus on the development of the rule itself. […]

Recently, AWS Config announced two new managed rules to detect Amazon S3 buckets that have overly permissive controls. You can now check your S3 buckets continuously for unrestricted public write access or unrestricted public read access. In addition, you can view compliance of all your S3 buckets against these rules, and receive notifications via Amazon […]

Recently, AWS Config announced support for AWS CloudFormation stacks. You can now start tracking the current and historical configuration of your CloudFormation stacks, and get notified via Amazon SNS when your stack configuration changes. You can also use a managed AWS Config rule to check whether your CloudFormation stacks are sending event notifications to an […]

On June 1st, AWS Config announced support for Amazon CloudWatch alarms. CloudWatch alarms are used on any of your CloudWatch metrics to send notifications or take other automated actions. You can now start tracking the current as well as historical configuration of your alarms and get notified via Amazon SNS when your alarm configuration changes. […]

AWS Config is a fully managed service that provides AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. You can use AWS Config Rules enables you to create rules that automatically check the configuration of AWS resources recorded by AWS Config. Over the last year, we expanded the service coverage […]