Skip to main content
TrustRadius
AWS Config

AWS Config

Overview

What is AWS Config?

Amazon Web Services offers AWS Config, a service that provides monitoring and assessment of AWS resource configurations to support compliance auditing, change management and troubleshooting, with resource histories and comparison of historical configurations against planned configurations.

Read more
Recent Reviews
Read all reviews
Return to navigation

Pricing

View all pricing
AWS Config

AWS Config

N/A
Unavailable

What is AWS Config?

Amazon Web Services offers AWS Config, a service that provides monitoring and assessment of AWS resource configurations to support compliance auditing, change management and troubleshooting, with resource histories and comparison of historical configurations against planned configurations.

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://aws.amazon.com/config/pricing

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

1 person also want pricing

Alternatives Pricing

Microsoft System Center

Microsoft System Center

$1,323
per month
What is Microsoft System Center?

Microsoft System Center Suite is a family of IT management software for network monitoring, updating and patching, endpoint protection with anti-malware, data protection and backup, ITIL- structured IT service management, remote administration and more. It is available in two editions: standard…

SolarWinds Kiwi CatTools

SolarWinds Kiwi CatTools

$852
Per Instance
What is SolarWinds Kiwi CatTools?

SolarWinds® Kiwi CatTools® is network automation tool designed to manage configurations on network devices such as routers, switches, and firewalls. It helps users work more efficiently by scheduling automatic backup activities and rolling out configuration changes to multiple devices at the same…

Return to navigation

Product Details

What is AWS Config?

AWS Config is a service that enables users to assess, audit, and evaluate the configurations of AWS resources. Config continuously monitors and records AWS resource configurations and allows users to automate the evaluation of recorded configurations against desired configurations. With Config, users can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine overall compliance against the configurations specified in internal guidelines. This enables users to simplify compliance auditing, security analysis, change management, and operational troubleshooting.

AWS Config Features

  • Supported: Configuration history of AWS resources
  • Supported: Configuration history of software
  • Supported: Resource relationships tracking
  • Supported: Configurable and customizable rules
  • Supported: Automatic remediation with Config rules
  • Supported: Conformance packs
  • Supported: Multi-account, multi-region data aggregation
  • Supported: Custom configuration
  • Supported: Configuration snapshots
  • Supported: Cloud governance dashboard
  • Supported: Partner solutions

AWS Config Videos

AWS Config: Assess, Audit and Evaluate your AWS Resources
Automated Compliance and Governance: AWS Config and AWS CloudTrail
Essentials: Introducing Config Rules

AWS Config Integrations

AWS Config Competitors

AWS Config Technical Details

Deployment TypesOn-premise
Operating SystemsWindows, Linux, Mac
Mobile ApplicationNo
Supported CountriesAmericas, Europe, Middle East, Africa, Asia Pacific

Frequently Asked Questions

Amazon Web Services offers AWS Config, a service that provides monitoring and assessment of AWS resource configurations to support compliance auditing, change management and troubleshooting, with resource histories and comparison of historical configurations against planned configurations.

ServiceNow Now Platform, Optimizely Web Experimentation, and ServiceNow IT Service Management are common alternatives for AWS Config.

The most common users of AWS Config are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(30)

Attribute Ratings

Reviews

(1-5 of 5)
Companies can't remove reviews or game the system. Here's why
May 10, 2021

If you have AWS workload, definitely use AWS config for compliance monitoring

Verified User
Professional in Information Technology
Fund-Raising Company, 1001-5000 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Having migrated to the AWS cloud over the last year and a half, we started with AWS from the beginning. It is great to check if your implemented resources align with what you want and/or AWS best practices and to keep a history of all the configuration changes. Both are very helpful for any compliance question you might encounter.
Pros and Cons
  • Great to track config changes and helpful for troubleshooting.
  • Great for compliance questions you might get.
  • It's only AWS, no third party.
  • Not the most intuitive interface, but with a little getting used to it is OK.
Likelihood to Recommend
To keep track of changes and to answer many compliance issues this is a life-saver. AWS does a good job providing tools like this. Any AWS workload should be monitored with AWS Config. It even is great for troubleshooting and seeing who changed what at what time.
Most Important Features
  • Auditability
  • Troubleshooting: who did what when.
Return on Investment
  • Alerting on changes can be setup so issues can be solved quickly.
Alternatives Considered
As this is native to AWS, we didn't consider anything else. It checks and monitors AWS resources so to check and monitor any other services we use other software.
April 29, 2021

AWS Config - Enforce, Evaluate, Remediate

Verified User
Administrator in Information Technology
Gambling & Casinos Company, 201-500 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use AWS Config to ensure our resources on AWS adhere to AWS best practices. It is used to assess and evaluate your AWS services and their configuration. There is also the option for automatic remediation when a service is found to be breaching a rule. AWS Config is a great tool for [the] governance of your AWS accounts.
Pros and Cons
  • The ability to track changes in AWS is paramount, AWS config allows you to do this
  • Allows the auditing of an AWS account
  • Can view history of an account that has AWS config enabled
  • Vendor [lock-in] as this is only available on AWS
  • [The] interface is dated and is [in] need of updating by AWS
  • Graphing is [...] not the easiest to configure
Likelihood to Recommend
The specific situation we find it useful to use AWS Config is to apply config rules to enforce certain audit requirements, from ISO 9001/27001 for example. This means we know that no resources can be created that will breach these audit requirements. However, as the [number] of rules start to grow it can become cumbersome to manage.
Most Important Features
  • Rule enforcement
  • Auto remediation
  • Reporting
Return on Investment
  • Enforcing audit requirements
  • Easy to set up alerting when there are rule breaches
  • Auto remediation reduces the manual policing of such breaches
Alternatives Considered
I have not assessed any other tools that do a similar function to AWS Config.
Other Software Used
March 27, 2019

AWS Config is the only one you need for your AWS infrastructure monitoring

Verified User
Engineer in Information Technology
Professional Training & Coaching Company, 11-50 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use AWS config to set a ground rule of our AWS configuration and resources. Since we are using AWS S3 for a lot of our critical resources, AWS config makes it easy for us to evaluate the configuration of those resources as well as tracking the configuration history to see whenever any configuration changes cause an issue to our service.
Pros and Cons
  • Track many AWS server configuration
  • Faster and easier audit process of your AWS services configuration
  • Keeping history of changes means its easy to spot any issues that occur whenever any changes happened
  • The interface is not really user friendly and the configuration option is not easy to use either
  • Only available for resources within AWS
  • Some service can be quite costly, we need to prioritise which service that we would apply AWS config to and leave the less important service without AWS config monitoring
Likelihood to Recommend
It's really good if your infrastructure services is all in AWS, that means everything could be audited and monitored using AWS config. You also can create alarms to notify you or your team about any changes on your AWS resources which is very useful to prevent abuse if you have a fairly large team. It's also very useful whenever some third party wants to audit your AWS resources, if you have a fairly comprehensive AWS config configured, the auditing process will be easy since they only need to look at your AWS config setup.
Return on Investment
  • A "Big Fish" company that is more concerned about the security of their data came aboard with us more easily since they trust us with the AWS config setup
  • Less time to debug or finding out issue on infrastructure whenever it happens
  • Easy and fast to roll back whenever changes that caused issues happen
Alternatives Considered
Despite the comparison it is not really apples to apples, the main purpose of the service is quite similar which is to monitor your application or services. In terms of AWS services, AWS Config provides more options to monitor and log your service on the infrastructure level which is very useful on that level and overall will give you more information about what is currently happening. Meanwhile PaperTrail is more suited to monitor and log your service and could only give you information on the application level.
Other Software Used
Performance
10
The performance has never been an issue for us, the dashboard gives us real-time monitoring and the alert sends us the notification within less than a minute of it happening, this applies to all of the monitored resources on AWS. However we can't (or probably haven't figured out how to) integrate with any other third party services, so we can't really evaluate how it integrates with other services
Ease of Integration
4
For the first time user, the whole configuration options can be really confusing. The explanation and user experiences is not very straightforward and user friendly to use. You need to know at least basic knowledge of how the majority of AWS cloud system works on top of the AWS services that you actually use. The amount of configuration option could be overwhelming when you set it up the first time.
February 07, 2019

AWS Config - ideal for AWS workloads

Verified User
Professional in Finance and Accounting
Information Services Company, 501-1000 employees
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
AWS Config allows us to monitor our configuration of AWS resources, whether that be configuration history so we can view any changes which might have caused an issue; or if we want to be able to replicate workloads in a previous configuration.

This also allows us to save all our configurations within an S3 bucket.

We get alerts on some workloads via SNS when applicable.
Pros and Cons
  • We are able to use AWS config to track changes within our environments.
  • We use AWS Config across multiple accounts (environment segregation) whilst maintaining a central (fully backed up because stores in S3 managed repository.
  • Vendor lock-in, no easy migration path for example if you want to move some workloads to Azure, you'd not be able to lift and shift.
  • Only at an AWS resource perspective - cannot do desired state configuration at an OS level (which makes sense but be good if you could even as a separate feature within AWS Config).
Likelihood to Recommend
Ideal for compliance monitoring - so providing easy visibility on what volumes aren't encrypted, S3 buckets requests only come from HTTPS sites, RDS is encrypted at rest by default.

There are lots of useful scenarios whereby we use this. Other examples [of how] we use AWS Config include Redshift cluster configuration check, cloud trial is enabled.
Return on Investment
  • Security awareness. With multiple teams deploying provides easy visibility on any security risks. Security breaches would have a substantial impact on business so a vital investment with little costs.
Alternatives Considered
Products don't appear [in the list] but looked at Azure Functions and Service Bus but as per criticisms of AWS Config does enforce vendor lock-in - AWS Config is only used for AWS workloads.
Other Software Used
Performance
9
Would rate lower for other workloads but for AWS workloads its simple to set up, cost effective and customisable. Primary use case is compliance from a governance perspective.
Ease of Integration
10
With AWS workloads this is seamless.
January 10, 2019

AWS Config for all governance and audit needs

Verified User
Team Lead in Engineering
Financial Services Company, 10,001+ employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
AWS Config is used to assess, audit, and evaluate the configuration of your AWS resources. It is implemented in many applications that use AWS to deploy. It helps in assessment, operational auditing and general governance of AWS resources.
Pros and Cons
  • It can help you define rules for provisioning and configuring of your AWS. We use it for this purpose.
  • It maintains configuration history. So you can use the AWS Management Console, API, or CLI to obtain details of past configurations
  • It gives you a configuration snapshot of all of your AWS resources and you can store it in AWS S3.
  • You can integrate it with AWS CloudTrail to correlate configuration changes to particular events in your account.
  • Dashboarding and graphs should be better and more configurable.
  • Some time the Config Rules are difficult to understand and configure. They could be made easy or have GUI to configure them. I know it is difficult to build but that would be a good win.
Likelihood to Recommend
If you have multiple resources in your AWS environment then AWS Config can provide you with audit, governance, and comparison of any changes to your resource configuration over time. You can create alerts to be notified via AWS SNS if any configuration changes, which is very useful for development teams. Governance in an organization, like “Who made the change?”, “From what IP address?” is a very useful audit and operational governance tool.
Return on Investment
  • A positive is that every organization using a Cloud like AWS needs a feature like AWS Config for managing governance and audit controls.
  • You can assess your overall compliance and risk status from a configuration perspective using pre-built rules. This is very useful for network and cloud management teams.
Alternatives Considered
I do not know or have used any other product in AWS cloud space that matches what AWS Config provides. We have some custom built monitoring and governance, however that is there because AWS Config does not provide it currently.
Other Software Used
Return to navigation