AWS Config

Note: AWS Config records and evaluates configurations of your AWS resources.

You set up a bucket, a SNS topic and some rules.

The state of your AWS resources are stored and, if a non-compliant resource gets created, you get notified via the SNS topic.

Example rules might be:

  • Only SSL requests on S3 buckets
  • Logging enabled on S3 buckets
  • Versioning enabled on S3 buckets
  • Volumes are encrypted
  • SSH restricted: i.e. only a restricted set of IPs are allowed to access via SSH

https://aws.amazon.com/config/

 

Note: AWS Config is expensive.

Leave a Reply

Your email address will not be published. Required fields are marked *