AWS Config - AWS GovCloud (US)

AWS Config

AWS Config provides a detailed view of the resources associated with your AWS account, including how they are configured, how they are related to one another, and how the configurations and their relationships have changed over time.

AWS Config and AWS Config Rules are supported in the AWS GovCloud (US) Region.

How AWS Config Differs for AWS GovCloud (US)

  • AWS Config recording of third-party resources or custom resource types are not supported in GovCloud (US).

  • AWS Config conformance packs are not supported in GovCloud (US).

  • AWS Config deployment of rules across an AWS Organization are not supported in GovCloud (US).

Documentation for AWS Config

AWS Config documentation.

Export-Controlled Content

For AWS Services architected within the AWS GovCloud (US) Regions, the table below explains how certain components of data may leave the Regions in the normal course of the Service Offerings. The table can be used as a guide to help meet applicable customer compliance obligations.

Data in the following service attributes will not leave the AWS GovCloud (US ) Regions in the normal course of the Service Offerings

Data in the following service attributes may leave the AWS GovCloud (US ) Regions in the normal course of the Service Offerings

  • AWS Config data is outside of the export boundary.

  • AWS Config does not include any export-controlled data.

  • AWS Config metadata is not permitted to contain export-controlled data. This includes the naming and configuration data that you enter when creating and managing your AWS Config settings.

    For example, do not enter export-controlled data into user input fields such as the following:

    • Annotations for rule evaluations

    • Resource identifier

    • S3 bucket name

    • SNS topic name

    • Tag key