AWS Config

Continuous configuration recording and compliance.

Overview

Config tracks resource configurations over time, evaluates them against managed/custom rules and reports compliance.

When to use it

  • Compliance auditing
  • Change tracking
  • Detect drift from baseline

Setup

  1. Enable Config recorder in each region.
  2. Subscribe to managed rules (e.g. s3-bucket-public-read-prohibited).
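
The two setup steps as a script (an added example, not part of the original page or AWS's own code). The role ARN, bucket name, recorder name `default` and home region are placeholder assumptions. It also creates the delivery channel, which a recorder needs before it can start.

```shell
#!/bin/sh
# Added example. ROLE_ARN, BUCKET and HOME_REGION are placeholders (assumptions).
ROLE_ARN="${ROLE_ARN:-arn:aws:iam::111122223333:role/config-recorder-role}"
BUCKET="${BUCKET:-example-config-delivery-bucket}"
# Record global resource types (IAM etc.) in one region only, to avoid duplicates.
HOME_REGION="${HOME_REGION:-us-east-1}"

# Build the put-config-rule payload for an AWS managed rule.
# $1 = rule name, $2 = managed rule identifier.
managed_rule_json() {
  printf '{"ConfigRuleName":"%s","Source":{"Owner":"AWS","SourceIdentifier":"%s"}}' "$1" "$2"
}

# Steps 1 and 2 for a single region; stops at the first failing call.
enable_config_region() {
  region="$1"
  global=false
  if [ "$region" = "$HOME_REGION" ]; then global=true; fi
  aws configservice put-configuration-recorder --region "$region" \
    --configuration-recorder "name=default,roleARN=$ROLE_ARN" \
    --recording-group "allSupported=true,includeGlobalResourceTypes=$global" &&
  aws configservice put-delivery-channel --region "$region" \
    --delivery-channel "name=default,s3BucketName=$BUCKET" &&
  aws configservice start-configuration-recorder --region "$region" \
    --configuration-recorder-name default &&
  aws configservice put-config-rule --region "$region" \
    --config-rule "$(managed_rule_json s3-bucket-public-read-prohibited S3_BUCKET_PUBLIC_READ_PROHIBITED)"
}

# Repeat for every region enabled in the account.
enable_config_all_regions() {
  for r in $(aws ec2 describe-regions --query 'Regions[].RegionName' --output text); do
    enable_config_region "$r" || { echo "Config setup failed in $r" >&2; return 1; }
  done
}

# Nothing is changed unless the script is invoked with "apply".
if [ "${1:-}" = "apply" ]; then
  enable_config_all_regions
fi
```

The role must allow Config to read resource configurations and write to the delivery bucket.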

How to use

List non-compliant resources:
aws configservice describe-compliance-by-resource --compliance-types NON_COMPLIANT

QA use cases

  • Add a Config rule that flags untagged QA resources for cleanup automation.