AWS Config - ideal for AWS workloads
February 07, 2019

AWS Config - ideal for AWS workloads

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with AWS Config

AWS Config allows us to monitor our configuration of AWS resources, whether that be configuration history so we can view any changes which might have caused an issue; or if we want to be able to replicate workloads in a previous configuration.

This also allows us to save all our configurations within an S3 bucket.

We get alerts on some workloads via SNS when applicable.
  • We are able to use AWS config to track changes within our environments.
  • We use AWS Config across multiple accounts (environment segregation) whilst maintaining a central (fully backed up because stores in S3 managed repository.
  • Vendor lock-in, no easy migration path for example if you want to move some workloads to Azure, you'd not be able to lift and shift.
  • Only at an AWS resource perspective - cannot do desired state configuration at an OS level (which makes sense but be good if you could even as a separate feature within AWS Config).
  • Security awareness. With multiple teams deploying provides easy visibility on any security risks. Security breaches would have a substantial impact on business so a vital investment with little costs.
Products don't appear [in the list] but looked at Azure Functions and Service Bus but as per criticisms of AWS Config does enforce vendor lock-in - AWS Config is only used for AWS workloads.
Would rate lower for other workloads but for AWS workloads its simple to set up, cost effective and customisable. Primary use case is compliance from a governance perspective.
With AWS workloads this is seamless.
Ideal for compliance monitoring - so providing easy visibility on what volumes aren't encrypted, S3 buckets requests only come from HTTPS sites, RDS is encrypted at rest by default.

There are lots of useful scenarios whereby we use this. Other examples [of how] we use AWS Config include Redshift cluster configuration check, cloud trial is enabled.