From a compliance perspective, AWS Config rules are a great feature and should be implemented whenever you use AWS Config. Backed by AWS Lambda functions performing simple logic, Config rules automatically monitor your resources to ensure they are meeting specific compliance controls that you might need to introduce within your AWS environment. If a resource is found not to be compliant, you will be notified via SNS and the configuration stream, allowing you to take corrective action.Â
With Config rules, you can enforce a consistent deployment and configuration approach, ensuring all resource types are following set criteria, regardless of by whom or when the resource was deployed.
There are two types of Config rules available: those that can be custom-defined, and those that are predefined and managed by AWS. These AWS rules are ready and available to use to save you from having to create your own from scratch.Â
Let’s take a look at how you can set up...