AWS Config 推出 75 条新托管规则

发布于: 2026年3月18日

AWS Config 宣布新增 75 条托管 Config 规则,涵盖安全性、持久性和运营等多个使用案例。您现在可直接通过 AWS Config 搜索、发现、启用和管理这些新增规则,进一步实现对 AWS 环境中更多使用案例的治理。

通过此次发布,您现在可以在单个账户或整个组织范围内启用这些控制措施。例如,您可以评测自己在 AWS Amplify、Amazon SageMaker、Amazon Route 53 等服务上的安全态势。此外,您还可以利用规则及补救措施套件包将这些新控制措施进行分组,并在单个账户或整个组织范围内部署,从而简化多账户治理。

有关最近发布的规则的完整列表,请访问 AWS Config 开发人员指南。有关每条规则的具体说明及其支持的 AWS 区域,请参阅我们的 Config 托管规则文档。要开始使用 Config 规则,请参阅我们的文档

新规则已发布:

  1. ACM_CERTIFICATE_TRANSPARENT_LOGGING_ENABLED
  2. AMPLIFY_APP_BUILD_SPEC_CONFIGURED
  3. AMPLIFY_APP_PLATFORM_CHECK
  4. AMPLIFY_BRANCH_AUTO_BUILD_ENABLED
  5. AMPLIFY_BRANCH_BUILD_SPEC_CONFIGURED
  6. AMPLIFY_BRANCH_FRAMEWORK_CONFIGURED
  7. AMPLIFY_BRANCH_PULL_REQUEST_PREVIEW_ENABLED
  8. APIGATEWAY_DOMAIN_NAME_TLS_CHECK
  9. APIGATEWAYV2_INTEGRATION_PRIVATE_HTTPS_ENABLED
  10. APPINTEGRATIONS_APPLICATION_APPROVED_ORIGINS_CHECK
  11. APPINTEGRATIONS_APPLICATION_TAGGED
  12. APPMESH_MESH_IP_PREF_CHECK
  13. APPMESH_VIRTUAL_GATEWAY_LISTENERS_HEALTH_CHECK_ENABLED
  14. APPMESH_VIRTUAL_NODE_LISTENERS_HEALTH_CHECK_ENABLED
  15. APPMESH_VIRTUAL_NODE_LISTENERS_OUTLIER_DETECT_ENABLED
  16. APPMESH_VIRTUAL_NODE_SERVICE_BACKENDS_TLS_ENFORCED
  17. CLOUDTRAIL_EVENT_DATA_STORE_MULTI_REGION
  18. CLOUDWATCH_ALARM_DESCRIPTION
  19. CODEARTIFACT_REPOSITORY_TAGGED
  20. CODEBUILD_PROJECT_TAGGED
  21. EC2_IPAMSCOPE_TAGGED
  22. EC2_LAUNCHTEMPLATE_EBS_ENCRYPTED
  23. ECS_SERVICE_PROPAGATE_TAGS_ENABLED
  24. ELBV2_TARGETGROUP_HEALTHCHECK_PROTOCOL_ENCRYPTED
  25. ELBV2_TARGETGROUP_PROTOCOL_ENCRYPTED
  26. EVENTSCHEMAS_DISCOVERER_TAGGED
  27. EVENTSCHEMAS_REGISTRY_TAGGED
  28. GROUNDSTATION_CONFIG_TAGGED
  29. GROUNDSTATION_DATAFLOWENDPOINTGROUP_TAGGED
  30. GROUNDSTATION_MISSIONPROFILE_TAGGED
  31. HEALTHLAKE_FHIRDATASTORE_TAGGED
  32. IAM_OIDC_PROVIDER_CLIENT_ID_LIST_CHECK
  33. IAM_POLICY_DESCRIPTION
  34. IMAGEBUILDER_DISTRIBUTIONCONFIGURATION_TAGGED
  35. IMAGEBUILDER_IMAGEPIPELINE_TAGGED
  36. IMAGEBUILDER_IMAGERECIPE_EBS_VOLUMES_ENCRYPTED
  37. IMAGEBUILDER_IMAGERECIPE_TAGGED
  38. IMAGEBUILDER_INFRASTRUCTURECONFIGURATION_TAGGED
  39. KINESISVIDEO_SIGNALINGCHANNEL_TAGGED
  40. KINESISVIDEO_STREAM_TAGGED
  41. LAMBDA_FUNCTION_APPLICATION_LOG_LEVEL_CHECK
  42. LAMBDA_FUNCTION_LOG_FORMAT_JSON
  43. LAMBDA_FUNCTION_SYSTEM_LOG_LEVEL_CHECK
  44. LIGHTSAIL_BUCKET_OBJECT_VERSIONING_ENABLED
  45. MEDIAPACKAGE_PACKAGINGCONFIGURATION_TAGGED
  46. MEDIATAILOR_PLAYBACKCONFIGURATION_TAGGED
  47. MEMORYDB_SUBNETGROUP_TAGGED
  48. NEPTUNE_CLUSTER_SNAPSHOT_IAM_DATABASE_AUTH_ENABLED
  49. OPENSEARCHSERVERLESS_COLLECTION_DESCRIPTION
  50. OPENSEARCHSERVERLESS_COLLECTION_STANDBYREPLICAS_ENABLED
  51. PANORAMA_PACKAGE_TAGGED
  52. RDS_CLUSTER_BACKUP_RETENTION_CHECK
  53. RDS_GLOBAL_CLUSTER_AURORA_MYSQL_SUPPORTED_VERSION
  54. RESILIENCEHUB_APP_TAGGED
  55. RESILIENCEHUB_RESILIENCYPOLICY_TAGGED
  56. ROUTE53_RECOVERY_CONTROL_CLUSTER_TAGGED
  57. ROUTE53_RECOVERY_READINESS_CELL_TAGGED
  58. ROUTE53_RECOVERY_READINESS_READINESS_CHECK_TAGGED
  59. ROUTE53_RECOVERY_READINESS_RECOVERY_GROUP_TAGGED
  60. ROUTE53_RECOVERY_READINESS_RESOURCE_SET_TAGGED
  61. ROUTE53_RESOLVER_RESOLVER_ENDPOINT_TAGGED
  62. S3_DIRECTORY_BUCKET_LIFECYCLE_POLICY_RULE_CHECK
  63. SAGEMAKER_DATA_QUALITY_JOB_ENCRYPT_IN_TRANSIT
  64. SAGEMAKER_DATA_QUALITY_JOB_ISOLATION
  65. SAGEMAKER_FEATUREGROUP_DESCRIPTION
  66. SAGEMAKER_INFERENCEEXPERIMENT_TAGGED
  67. SAGEMAKER_MODEL_BIAS_JOB_ENCRYPT_IN_TRANSIT
  68. SAGEMAKER_MODEL_BIAS_JOB_ISOLATION
  69. SAGEMAKER_MODEL_EXPLAINABILITY_JOB_ENCRYPT_IN_TRANSIT
  70. SAGEMAKER_MODEL_QUALITY_JOB_ENCRYPT_TRANSIT
  71. SAGEMAKER_MONITORING_SCHEDULE_ISOLATION
  72. SIGNER_SIGNINGPROFILE_TAGGED
  73. TRANSFER_CONNECTOR_AS2_ENCRYPTION_ALGORITHM_CHECK
  74. TRANSFER_CONNECTOR_AS2_MDN_SIGNING_ALGORITHM_CHECK
  75. TRANSFER_CONNECTOR_AS2_SIGNING_ALGORITHM_CHECK