Open menu
-->

AWS Config Best Practices

AWS Config is a fully managed service that provides you with a detailed inventory of your AWS resources and their current configurations



AWS Config is a fully managed service that provides you with a detailed inventory of your AWS resources and their current configurations. This service also records your configuration history and notifies you when your configurations change.

Config Rules allows you to script rules that will automatically checks the configuration of your AWS resources. Config Rules can only check configurations associated with recourses recorded in AWS Config.

Cloud Conformity checks AWS Config service according to the following rules:

Monitor AWS Config configuration changes
AWS Config service configuration changes have been detected within your Amazon Web Services account.

Enable AWS Config
Ensure AWS Config is enabled in all regions to get the optimal visibility of the activity on your account.

AWS Config Referencing Missing S3 Bucket
Ensure AWS Config service is using an active S3 bucket to store configuration changes files.

AWS Config Referencing Missing SNS Topic
Ensure AWS Config service is using an active SNS topic to monitor configuration changes.

AWS Config Log Files Delivery Failing
Ensure Amazon Config log files are delivered as expected.

Include Global Resources into AWS Config Settings
Ensure Global resources are included into Amazon Config service configuration.