AWS Config

• It provides a detailed view of the resources associated with AWS account,
• It includes
  • how resources are configured
  • how they are related to one another
  •  how the configurations and their relationships have changed over time
• It continuously monitors and records AWS resource configurations
• You can automate the evaluation of recorded configurations against desired configurations.

Using AWS Config

• Assess configuration settings of AWS resources.
• Now, enlist and develop AWS Config rules, being akin to ideal configuration settings.
• AWS Config provides
  • customizable,
  • predefined rules called managed rules
  • Can also create own custom rules.
• continuous tracking of configuration changes in AWS resources is done by AWS Config
• AWS Config will flag a resource as noncompliant, if the resource violates a rule
• compliance status for AWS Config rules and AWS resources is  listed in Config console
• AWS Config service  can receive requests for compliance details by
  • AWS CLI
  • the AWS Config API
  • AWS SDKs.