AWS Config

Assess, audit, and evaluate configurations of your resources

How it works

AWS Config continually assesses, audits, and evaluates the configurations and relationships of your resources on AWS, on premises, and on other clouds.

Diagram showing how AWS Config records resource configuration changes and evaluates them against desired configurations.
Enforce compliance with AWS Config (7:51)
Enforce compliance with AWS Config
In this video, find out how to create rules in AWS Config, evaluate resources, and enforce compliance.

Use cases

Streamline operational troubleshooting and change management

Discover resources that exist in your account or publish the configuration data of third-party resources into AWS Config, record their configurations, and capture any changes to quickly troubleshoot operational issues.

Learn more about configuration recording best practices »

Deploy a compliance-as-code framework

Codify your compliance requirements as AWS Config rules and author remediation actions, automating the assessment of your resource configurations across your organization.

Learn more about compliance as code »

Continually audit security monitoring and analysis

Evaluate resource configurations for potential vulnerabilities, and review your configuration history after potential incidents to examine your security posture.

Learn more about vulnerability assessments »

How to get started

Learn more about AWS Config features

Explore the resource tracking capabilities of AWS Config.

Explore AWS Config pricing

Pay for only what you use, with no minimums or upfront commitments. 

Dive deeper on AWS Config

Learn more about how AWS Config works.

Explore more of AWS