Back to Catalog
Management & Governance

AWS Config

"Record and evaluate configurations of your AWS resources."

AWS Config

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. It continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.

Key Features

  • Configuration History: Records changes to resources over time (who changed what, and when).
  • Config Rules: Checks compliance against desired configurations (e.g., "Ensure EBS volumes are encrypted").
  • Remediation: Can automatically remediate non-compliant resources using SSM Automation.
  • Conformance Packs: Collection of rules and remediation actions.

Exam Tips

  • "Audit history": Answer is AWS Config.
  • "Compliance": Answer is AWS Config.
  • "Track changes": Answer is AWS Config.
  • "Timeline of changes": Config provides a timeline view.

Common Use Cases

  • Security Analysis: Determining what an environment looked like during a security incident.
  • Compliance Auditing: Demonstrating adherence to internal policies or regulatory standards (PCI, HIPAA).
  • Change Management: Troubleshooting operational issues by reviewing recent configuration changes.
Artifact
CloudTrail
SWIPE ZONE
< DRAG ME >