AWS Config
Developer Guide

List of AWS Config Managed Rules

AWS Config provides the following managed rules.

*This rule uses automated reasoning tools (ART) to evaluate IAM permissions and resource policies for correctness.

The following rules are not available in the China (Beijing) (cn-north-1) region:

  • s3-bucket-public-read-prohibited

  • s3-bucket-public-write-prohibited

  • s3-bucket-ssl-requests-only

  • s3-bucket-server-side-encryption-enabled

  • lambda-function-public-access-prohibited

  • encrypted-volumes

  • rds-storage-encrypted

  • fms-webacl-resource-policy-check

  • fms-webacl-rulegroup-association-check

  • codebuild-project-envvar-awscred-check

  • codebuild-project-source-repo-url-check

  • acm-certificate-expiration-check

  • elb-acm-certificate-required

  • root-account-mfa-enabled

  • guardduty-enabled-centralized

  • s3-blacklisted-actions-prohibited

  • s3-bucket-policy-not-more-permissive