Managing and Viewing AWS Resource Configurations with AWS Config

AWS Config allows you to assess, audit, and evaluate the configurations of AWS resources.

AWS resources are entities that you create and manage using the AWS Management Console, the AWS Command Line Interface (CLI), the AWS SDKs, or AWS partner tools. Examples of AWS resources include Amazon EC2 instances, security groups, Amazon VPCs, and Amazon Elastic Block Store. AWS Config refers to each resource using its unique identifier, such as the resource ID or an Amazon Resource Name (ARN).

Some common use cases include:

• Cloud administrator: You can track and manage resource configurations to help ensure compliance, troubleshoot issues, and maintain an understanding of your AWS environment

• Security analyst: You can evaluate resource configurations against desired states to help identify vulnerabilities and assess security posture.

• Compliance officer: You can continuously audit and monitor resource configurations to help ensure adherence to organizational policies and industry standards.

Topics

• Supported Resource Types
• Resource Coverage by Region Availability
• Recording AWS Resources
• Recording Configurations for Third-Party Resources using the AWS CLI
• Recording Software Configuration for Managed Instances
• Looking Up Resources That Are Discovered by AWS Config
• Viewing Compliance Information and Evaluation Results for your AWS Resources
• Viewing Compliance History for your AWS Resources
• Querying Compliance History for your AWS Resources
• Tagging Your AWS Config Resources