Compliance-as-Code Using AWS Config

By h@shtalk, published in The Startup, Sep 22, 2020

If you’re looking for someone to help you with auditing and compliance of your AWS resources, someone to help you record configurations and changes over time, and someone to let you know every time a resource is non-compliant with your security rules, you would think you need several different people for the job. You don’t. You just need AWS Config.

AWS Config WHO?

AWS Config is a tool used for auditing and compliance of your AWS resources. It helps with defining security requirements for your Infrastructure Posture and with developing Config Rules.

When we talk AWS Config, we talk Continuous Compliance. Continuous compliance is the capability of a Security Operations Team to transform compliance into code, deliver security controls consistently across AWS accounts at scale, and make auditing resources part of day-to-day activities.

Assessing, auditing and evaluating AWS resources with Config can be done in all regions. This tool allows you to automate the evaluation of recorded configurations against desired configurations.
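To make "recorded configuration against desired configuration" concrete, here is an added example (not code from the original article or from AWS) of a custom Lambda-backed Config rule triggered by configuration changes. The desired state (no world-open admin ports), the sample items, and the security group field layout (`ipPermissions`, `ipv4Ranges`, `ipv6Ranges`) are assumptions about how Config records the resource.

```python
import json

# Desired configuration (assumed for this example): no security group
# exposes an admin port to the whole internet.
ADMIN_PORTS = {22, 3389}
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

def evaluate(ci):
    """Compare one recorded configuration item with the desired state."""
    if (ci["resourceType"] != "AWS::EC2::SecurityGroup"
            or ci.get("configurationItemStatus") == "ResourceDeleted"):
        return "NOT_APPLICABLE"
    for perm in ci["configuration"].get("ipPermissions", []):
        cidrs = {r.get("cidrIp") for r in perm.get("ipv4Ranges", [])}
        cidrs |= {r.get("cidrIpv6") for r in perm.get("ipv6Ranges", [])}
        if not cidrs & OPEN_CIDRS:
            continue  # the rule only concerns world-open ingress
        proto = perm.get("ipProtocol")
        if proto == "-1":  # all protocols and ports
            return "NON_COMPLIANT"
        if proto in ("tcp", "udp") and any(
                perm["fromPort"] <= p <= perm["toPort"] for p in ADMIN_PORTS):
            return "NON_COMPLIANT"
    return "COMPLIANT"

def lambda_handler(event, context):
    """Entry point AWS Config invokes for a custom Lambda rule."""
    import boto3  # imported lazily so evaluate() runs offline
    ci = json.loads(event["invokingEvent"])["configurationItem"]
    boto3.client("config").put_evaluations(
        Evaluations=[{
            "ComplianceResourceType": ci["resourceType"],
            "ComplianceResourceId": ci["resourceId"],
            "ComplianceType": evaluate(ci),
            "OrderingTimestamp": ci["configurationItemCaptureTime"],
        }],
        ResultToken=event["resultToken"])

def sample_item(perms, status="OK"):
    """Constructed configuration item; the IDs are placeholders."""
    return {"resourceType": "AWS::EC2::SecurityGroup",
            "resourceId": "sg-EXAMPLE", "configurationItemStatus": status,
            "configurationItemCaptureTime": "2020-09-22T00:00:00Z",
            "configuration": {"ipPermissions": perms}}

OPEN_SSH = [{"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
             "ipv4Ranges": [{"cidrIp": "0.0.0.0/0"}]}]
OPEN_HTTPS = [{"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
               "ipv4Ranges": [{"cidrIp": "0.0.0.0/0"}]}]
```

Keeping `evaluate()` free of AWS calls lets the rule logic be unit-tested in CI before the Lambda is deployed; only `lambda_handler` needs `boto3` and Config permissions.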

With Config you can:

1. review changes in configurations
2. review relationships between AWS resources
3. dive into detailed resource configuration histories
4. determine your overall compliance against the configuration…