AWS Cloud Operations & Migrations Blog

Tag: AWS Config

How to record resource configuration changes periodically with AWS Config

AWS Config is a service that tracks configuration changes of AWS resources in your AWS account or across your AWS Organizations. AWS Config uses the configuration recorder to detect changes of your resources and track them as configuration items (CIs). Given the increasing complexity of cloud infrastructure, the number of resource configuration changes being made […]

Audit and visualize ephemeral EC2 instances using AWS CloudTrail Lake as a zero-ETL data source in Amazon Athena

Today, we are happy to announce that AWS CloudTrail Lake data is now available for zero-ETL analysis in Amazon Athena. AWS CloudTrail Lake is a managed data lake for capturing, storing, accessing, and analyzing user and API activity on AWS for audit, security, and compliance purposes. CloudTrail Lake allows you to easily aggregate activity logs […]

Continuously optimize your operational excellence posture through AWS Trusted Advisor

AWS Trusted Advisor continuously evaluates your AWS environment using best practice checks in the categories of cost optimization, performance, resilience, security, service limits, and operational excellence and recommends actions to remediate any deviations from AWS best practices in the AWS Well-Architected Framework. AWS Well-Architected Framework is a collection of architectural best practices and guidance to […]

Use AWS Config inventory and compliance dashboards for a unified view of resource inventory and compliance

We recently announced AWS Config compliance and inventory dashboards, a new AWS Config feature, that provides unified dashboards for AWS resource configurations and compliance across AWS accounts, AWS regions, or an AWS Organization. In this blog post, I will walk you through the dashboards and widgets that are included as of today for this launch. […]

Centralized Dashboard for AWS Config and AWS Security Hub

Back in July 2022, we announced AWS config compliance scores for conformance packs which helps you quantify your compliance posture as an Amazon CloudWatch metric. It’s a quantitative measure of compliance status. While customers can have hundreds of AWS accounts where AWS Config is enabled and each account and each AWS Region have a different compliance score. While […]

Automated Evidence Collection for Life Sciences continuous compliance solutions using AWS Audit Manager

In the first post of this two-part series, we highlighted how Life Sciences customers can implement a controlled change management process using AWS Systems Manager Change Manager and AWS Config. The solution in our first post, highlighted how a you can follow your Standard Operating Procedures (SOP’s) by implementing approval steps in order to make […]

Automating organizational policies with custom AWS Config Rules and evidence collection in AWS Audit Manager

AWS Config is a service that allows you to evaluate your AWS resources against a desired configuration state using AWS Config Rules. Two types of rules exist, managed rules which are meant to be used out-of-the-box and custom rules for which you define your desired configuration state via code.  AWS Audit Manager can help you […]

How to audit the support level of your AWS accounts using AWS Config

How to audit the support level of your AWS accounts using AWS Config

At AWS, we offer a variety of tools to assist our customers during their cloud journey. From AWS re:POST where you can ask AWS related questions to the community, to AWS Skill Builder where customers can view on-demand video content and sign up to attend online and live training sessions. AWS also offers various support […]

Evaluate custom configurations using AWS Config Custom Policy rules and the open source sample repository

Does your organization have custom configuration requirements for your resources? Do you find it challenging to compare actual resource configuration settings against your configuration requirements? Today, you can leverage a new public repository of sample AWS Config custom rules using AWS CloudFormation Guard to help you address these challenges. AWS Config allows you to evaluate actual […]

Monitoring version compliance of Amazon Elastic Kubernetes Service by using AWS Config

Monitoring version compliance of Amazon Elastic Kubernetes Service by using AWS Config

Amazon Elastic Kubernetes Services (Amazon EKS) provides a managed Kubernetes service, simplifying cluster operations by offloading undifferentiated heavy lifting to AWS. With the Kubernetes release cycle of a new release every 4 months, customers have difficulty in keeping their EKS clusters up-to-date, especially across multiple AWS accounts. Additionally, keeping track of EKS version will aid your […]