AWS Security Blog

Category: AWS Config

Announcing the AWS Config Rules Repository: A New Community-Based Source of Custom Rules for AWS Config

Today, we’re happy to release the AWS Config Rules repository, a community-based source of custom AWS Config Rules. This new repository gives you a streamlined way to automate your assessment and compliance against best practices for security of AWS resources. AWS Config Rules is a service that provides automated, periodic security and compliance checking of […]

Read More

How to Use AWS Config to Help with Required HIPAA Audit Controls: Part 4 of the Automating HIPAA Compliance Series

In my previous posts in this series, I explained how to get started with the DevSecOps environment for HIPAA that is depicted in the following architecture diagram. In my second post in this series, I gave you guidance about how to set up AWS Service Catalog (#4 in the following diagram) to allow developers a […]

Read More

How to Record and Govern Your IAM Resource Configurations Using AWS Config

AWS Config recently added the ability to record changes to the configuration of your AWS Identity and Access Management (IAM) users, groups, and roles (collectively referred to as IAM entities) and the policies associated with them. Using this feature, you can record configuration details for these IAM entities, including details about which policies are associated […]

Read More

New Security Services Launched at AWS re:Invent 2015—Amazon Inspector, AWS WAF, and AWS Config Rules

Today at re:Invent, AWS announced two new security services and one new feature to help you improve your security posture and protect applications deployed on AWS. Amazon Inspector is an automated security assessment service that helps minimize the likelihood of introducing security or compliance issues when deploying applications on AWS. Amazon Inspector automatically assesses applications […]

Read More