Managing and Viewing Amazon Resource Configurations with Amazon Config
Amazon Config allows you to assess, audit, and evaluate the configurations of Amazon resources.
Amazon resources are entities that you create and manage using the Amazon Web Services Management Console, the Amazon Command Line Interface (CLI), the Amazon SDKs, or Amazon partner tools. Examples of Amazon resources include Amazon EC2 instances, security groups, Amazon VPCs, and Amazon Elastic Block Store. Amazon Config refers to each resource using its unique identifier, such as the resource ID or an Amazon Resource Name (ARN).
Some common use cases include:
-
Cloud administrator: You can track and manage resource configurations to help ensure compliance, troubleshoot issues, and maintain an understanding of your Amazon environment
-
Security analyst: You can evaluate resource configurations against desired states to help identify vulnerabilities and assess security posture.
-
Compliance officer: You can continuously audit and monitor resource configurations to help ensure adherence to organizational policies and industry standards.
Topics
- Supported Resource Types
- Resource Coverage by Region Availability
- Recording Amazon Resources
- Recording Configurations for Third-Party Resources using the Amazon CLI
- Recording Software Configuration for Managed Instances
- Looking Up Resources That Are Discovered by Amazon Config
- Viewing Compliance Information and Evaluation Results for your Amazon Resources
- Viewing Compliance History for your Amazon Resources
- Querying Compliance History for your Amazon Resources
- Tagging Your Amazon Config Resources