AWS Config

AWS Config

AWS Config

AWS Config is a utility that facilitates you to check, audit, and figure out the configurations of your AWS resources. AWS Config frequently records and monitors your AWS resource configurations and enables you to automate the interpretation of recorded configurations against the desired configurations. With AWS Config, you can analyze changes in the configurations and connection between AWS resources, dive into specific resource configuration experiences, and demonstrate your overall conformity against the configurations prescribed in your internal directions. This authorizes you to facilitate security analysis, compliance auditing, operational troubleshooting and change management.

Benefits of AWS Config

Regular monitoring
With AWS Config, you are capable of recording and monitoring configuration modification of your AWS resources regularly. AWS Config also authorizes you to reserve your AWS resources, the configurations of your AWS resources, also software configurations for EC2 situations at any point in time. Once changed from an earlier state is observed, an Amazon Simple Notification Service (SNS) notice can be provided to you so that you can review it and take necessary action.
Continuous assessment
AWS Config authorizes you to regularly assess and audit the complete conformity of your AWS resource composition with your company’s guidelines and policies. AWS Config presents you with the capability to describe rules for configuring and provisioning AWS resources. These rules can be managed individually or packaged consecutively with compliance remediation actions within a pack (called as a conformance pack) that can be arranged across your whole organization by a single click. Resource configurations modify that differ from your rules undoubtedly provoke Amazon Simple Notification Service (SNS) notifications and AWS CloudWatch events so that you can easily be notified regularly. You can additionally take benefits of the visual panel to monitor your overall compliance situation and instantly spot non-compliant resources.
Change management
With AWS Config, you are capable of noting down the relationships among resources and analyze resource dependencies before making any changes. Once a modification takes place, you are capable to instantly analyze the history of the resource's configuration and decide what the resource configuration considers like at any point in the past. AWS Config presents you with information to determine how a modification to a resource configuration would influence your other resources, which reduces the effect of change-related incidents.
Functional troubleshooting
With AWS Config, you can grab an all-inclusive history of your AWS resource configuration modification to clarify troubleshooting of your functional issues. AWS Config assists you to analyze the actual root cause of functional issues by integrating with the AWS CloudTrail service that has the capability to record all events associated with the API call of your account. AWS Config leverages AWS CloudTrail records to correspond configuration modification to meticulous events in your account. You can acquire the information of the event API call that enforce the change (e.g., who made the request, at what time, and from which IP address) from the CloudTrail logs.
Enterprise-wide conformity monitoring
With multi-account, multi-region statistics aggregation in AWS Config, you can also examine compliance position across your operation and recognize non-compliant accounts. You can plunge deeper to examine status for a prescribed section or a detailed account across different regions. You can look out this data from the AWS Config soothe in a central account, eliminating the requirement to get back this information individually from every account, and every region.
Assistance for third-party resources
AWS Config is constructed to be your principal tool to achieve configuration audit and observance verification for both of your AWS and third-party resources. You could circulate the configuration of third-party resources like Microsoft Active Directory resources, GitHub repositories or an on-premises server into AWS. You can also analyze and observe resource inventory as well as configuration history using the console option and APIs, exactly similar as in the AWS resources. You can also construct AWS Config rules or conformance packs to classify these third-party resources beside perfect practices, regulatory policies and internal policies.

Use Cases Achieved with AWS Config

AWS Config will find out the resources that continue in your account, record them in-progress configuration, and occupy any modification to these configurations. AWS Config will also maintain configuration analysis for resources that have been eliminated. An inclusive snapshot of all resources and their configuration characteristics prepares a whole inventory of resources within your account.
Modify management
When your resources are developed, deleted, or updated AWS Config manages these configuration changes to Amazon Simple Notification Service (SNS), so that you are completely informed of all the configuration changes. AWS Config illustrates relationships in-between resources so that you can determine how modification of one resource may affect other resources.
Regular audit and compliance
AWS Config is constructed to assist you in assessing consent with your internal procedures and regulatory standards by giving you perceptibility into the configuration of your AWS resources including third-party resources, and calculating resource configuration modifying against your preferred configurations regularly.
Consent-as-code framework
You can utilize AWS Config as your plan for establishing and deploying governance and consent policies across your AWS accounts and sections. You can classify your compliance necessity as AWS Config rules, and author remediation actions utilizing AWS Systems Manager Automation package and document them all-together within a conformance package that could easily be set up across an organization. Therefore, utilizing AWS Config, you can automate the assessment of all your resource configurations and resource modification to assists you make sure about the continuous consent and self-governance within your AWS infrastructure.
By using AWS Config, you can instantly troubleshoot functional issues by analyzing the latest configuration modification to your resources.
Analyzing Security
Information from AWS Config allows you to regularly observe the configurations of your resources and classify these compositions for potential security weaknesses. Making required resource configurations can enable the Amazon Simple Notification Service (SNS) notifications, which will be forward to the security team of your company for the evaluation and appropriate action. After a capable security event, Config allows you to examine the configuration history of your resources and review your security aspects.

AWS Certified Cloud Support Service Provider – Viana Labs

Viana Labs is one of the leading AWS support service provider offering best in class services at highly competitive rates that enables small to large companies to choose. For dedicated team of AWS professionals for DevOps, Consulting or Support services contact us today at

Transform cloud ideas into reality, contact us now.