AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. With AWS Config you can discover existing AWS resources, export a complete inventory of your AWS resources with all configuration details, and determine how a resource was configured at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.
Try AWS Config
Create a Free AccountReceive twelve months of access to the AWS Free Tier and enjoy AWS Basic Support features including, 24x7x365 customer service, support forums, and more.
You can view continuously updated details of all configuration attributes associated with AWS resources. You are notified via Amazon Simple Notification Service (SNS) of every configuration change and you can process these notifications programmatically.
With AWS Config, there are no software agents to install, and no databases to manage. AWS Config automatically manages the underlying infrastructure required to record, store and report on the configuration details of your AWS resources.
You can enable AWS Config with a few clicks in the AWS Management Console. AWS Config will discover your AWS resources and start recording configuration changes. You can access information about the configuration of any resource using the AWS Management Console, CLI, or SDKs.
With AWS Config, there are no upfront costs. You pay-as-you-go based on the number of resources and configuration changes recorded for your AWS account.
You can choose from numerous Amazon Partner Network (APN) partners who provide solutions that integrate with AWS Config for resource discovery, change management, compliance or security.
AWS Config will discover all resources that exist in your account for supported services and represent them in a consistent form. A comprehensive snapshot of all resources and their configuration attributes provides a complete inventory of resources in your account.
When your resources are created, updated, or deleted, AWS Config streams these configurations changes to Amazon Simple Notification Service (SNS), so that you are notified of all configuration changes. AWS Config represents relationships between resources, so that you can assess how a change to one resource may impact other resources.
AWS Config is designed to help you ensure compliance with internal policies and regulatory standards by providing visibility into the configuration of a resource at any time.
Using AWS Config, you can quickly troubleshoot operational issues by identifying the recent configuration changes to your resources.
Properly configured resources improve your security posture. Data from AWS Config enables you to continuously monitor the configurations of your resources and evaluate these configurations for potential security weaknesses. After a potential security event, AWS Config enables you to examine the configuration of your resources at any single point in the past.
