Managing and Viewing Amazon Resource Configurations with Amazon Config - Amazon Config
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Managing and Viewing Amazon Resource Configurations with Amazon Config

Amazon Config allows you to assess, audit, and evaluate the configurations of Amazon resources.

Amazon resources are entities that you create and manage using the Amazon Web Services Management Console, the Amazon Command Line Interface (CLI), the Amazon SDKs, or Amazon partner tools. Examples of Amazon resources include Amazon EC2 instances, security groups, Amazon VPCs, and Amazon Elastic Block Store. Amazon Config refers to each resource using its unique identifier, such as the resource ID or an Amazon Resource Name (ARN).

Some common use cases include:

  • Cloud administrator: You can track and manage resource configurations to help ensure compliance, troubleshoot issues, and maintain an understanding of your Amazon environment

  • Security analyst: You can evaluate resource configurations against desired states to help identify vulnerabilities and assess security posture.

  • Compliance officer: You can continuously audit and monitor resource configurations to help ensure adherence to organizational policies and industry standards.