AWS Config

Assess, audit, and evaluate configurations of your resources

Why AWS Config?

Learn more about AWS Config. AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.

Benefits of AWS Config

Continually assess, monitor, and record resource configuration changes to simplify change management.
Audit and evaluate compliance of your resource configurations with your organization’s policies on a continual basis.
Simplify operational troubleshooting by correlating configuration changes to particular events in your account.

How it works

AWS Config continually assesses, audits, and evaluates the configurations and relationships of your resources on AWS, on premises, and on other clouds.

Diagram showing how AWS Config records resource configuration changes and evaluates them against desired configurations.

Use cases

Discover resources that exist in your account or publish the configuration data of third-party resources into AWS Config, record their configurations, and capture any changes to quickly troubleshoot operational issues.

Learn more about configuration recording best practices

Codify your compliance requirements as AWS Config rules and author remediation actions, automating the assessment of your resource configurations across your organization.

Learn more about compliance as code

Evaluate resource configurations for potential vulnerabilities, and review your configuration history after potential incidents to examine your security posture.

Learn more about vulnerability assessments


Explore more of AWS