Tag: AWS Config

[Update on Sep/21/2024] AWS Config recorder has recently provided support for periodic recording, this captures the latest configuration changes of your resources once every 24 hours, reducing the number of changes delivered. This blog has been updated to incorporate that. [Update on May/14/2024] Minor update to the services that depend on AWS Config recorder and […]

Today we’re going to highlight just some of the sessions planned for AWS re:Inforce 2022, which will take place in Boston, MA, on July 26-27. AWS re:Inforce is a learning conference focused on security, compliance, identity, and privacy. The event features access to hundreds of technical and business sessions, an AWS Partner expo hall, a […]

AWS Config lets you evaluate your AWS resources with a desired configuration state using AWS Config Rules. In AWS Config, you can define two types of rules, managed rules and custom rules. Managed rules are AWS provided rules that will evaluate your resources with a predefined configuration state that address some of the most common […]

In this post, we’ll demonstrate how Customers looking to maintain Good Laboratory Practices (GLP), Good Clinical Practices (GCP), Good Manufacturing Practices (GMP) can get started evaluating their environments for the controls found in Title 21 of the Code of Federal regulations (CFR) Part 11, and remediate non-compliant resources via a change control process using native […]

On July 5, 2022, the AWS managed policy AWSConfigRole will be deprecated. This policy is being replaced by a more scoped-down policy, AWS_ConfigRole. The AWSConfigRole managed policy will continue working for all currently attached users, groups, and roles. However, after July 5, 2022, the AWSConfigRole managed policy can’t be attached to any new users, groups, […]

AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. With AWS Config, you can review changes in configurations and relationships between AWS resources, explore resource configuration histories, and use rules to determine compliance. An aggregator is an AWS Config resource type that collects AWS Config configuration and compliance […]

This blog post is the second in a two-part series. Part one of this blog post showed how to deploy and configure the CloudWatchAutoAlarms Lambda function to create a default alarm set and custom alarms for your Amazon Elastic Compute Cloud (Amazon EC2) instances using EC2 instance tags. In this post, I show how you […]

AWS would like to introduce you to the RDKLib, an open source Python library you can use to build, develop, and deploy custom AWS Config rules at scale. RDKLib works with the AWS Config Rule Development Kit. It is designed to work at the AWS Lambda layer, so you can use the library without needing […]

This blog post highlights newly published videos on the AWS Management and Governance YouTube channel that help you enable, provision, and operate your AWS environments effectively. The first part of this blog series was published last spring. The objective of these video-based, hands-on solutions is to enable you to innovate faster while maintaining control over […]

In this post, I show how AWS Systems Manager OpsCenter can be used to centrally record and mitigate alerts from AWS Config.  When AWS Config detects a resource that is out of compliance, an OpsItem is created.  This OpsItem is used to track details of the noncompliant resource, record investigative actions, and provide access to […]