AWS Management Tools Blog

Tag: AWS Config

AWS Config best practices

AWS Config is a service that maintains a configuration history of your AWS resources and evaluates the configuration against best practices and your internal policies. You can use this information for operational troubleshooting, audit, and compliance use cases. In this blog post, I share best practices on how to use AWS Config as a tool […]

Read More

Ingest AWS Config data into Splunk with ease

AWS Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against configurations that you want. Today, many customers choose to use Splunk as their centralized monitoring system. In addition to displaying Amazon CloudWatch logs and metrics in Splunk dashboards, you can use AWS Config data […]

Read More

How to query your AWS resource configuration states using AWS Config and Amazon Athena

Tracking and managing the states of your AWS resources can be a challenge, especially as your account grows and you integrate with more and more AWS services. AWS Config is a service that helps make tracking your resources easy by continuously monitoring and recording your AWS resource configurations and maintaining a history of configuration changes […]

Read More

Preventing blacklisted applications with AWS Systems Manager and AWS Config

AWS Systems Manager Inventory collects metadata from Amazon EC2 instances and on-premises instances. AWS Systems Manager Inventory integrates with AWS Config to record inventory data for historical views, change tracking, or auditing. When you use AWS Config recording for systems inventory data you can enable scenarios such as tracking newly installed or removed software applications, […]

Read More

How to create custom AWS Config rules with AWS CodeStar

The AWS Config rules feature enables you to define in code the desired configuration of your AWS resources. For example, you can check that your Amazon S3 buckets are not publicly accessible or that your instances are associated with a security group. While Config offers a set of prebuilt (managed) rules that represent common best […]

Read More

How to develop custom AWS Config rules using the Rule Development Kit

To help customers rapidly prototype, develop, and deploy their custom AWS Config rules at scale, AWS introduces a new version of the AWS Config Rule Development Kit (RDK). The RDK is a command-line utility designed to help you to shorten your security and compliance feedback cycles when using Config. It helps you build a continuous […]

Read More

How to Track Changes to Auto Scaling Groups Using AWS Config

Recently, AWS Config announced support for Auto Scaling groups. You can now track configuration changes in Auto Scaling groups, such as minimum, maximum, and desired capacities, termination policies, scaling policies, subnets, and instance protection settings. You can also use a new managed AWS Config rule to check whether the Auto Scaling groups associated with your […]

Read More

How to Track Configuration Changes to Classic Load Balancers Using AWS Config

Recently, AWS Config announced support for Classic Load Balancer in all public regions and AWS GovCloud (US). You can now start tracking the current and historical configurations of your Classic Load Balancers, and get notified via Amazon SNS when your configurations change. You can also use three new managed AWS Config rules to verify whether your […]

Read More

AWS Config: A Year in Review 2017

It’s been another exciting year for AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. We have expanded our regional availability, added support for new resource types, introduced new managed Config rules, and introduced a dashboard view of your resource configuration and compliance. In this post, […]

Read More