AWS Config for all governance and audit needs
January 10, 2019

AWS Config for all governance and audit needs

Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with AWS Config

AWS Config is used to assess, audit, and evaluate the configuration of your AWS resources. It is implemented in many applications that use AWS to deploy. It helps in assessment, operational auditing and general governance of AWS resources.
  • It can help you define rules for provisioning and configuring of your AWS. We use it for this purpose.
  • It maintains configuration history. So you can use the AWS Management Console, API, or CLI to obtain details of past configurations
  • It gives you a configuration snapshot of all of your AWS resources and you can store it in AWS S3.
  • You can integrate it with AWS CloudTrail to correlate configuration changes to particular events in your account.
  • Dashboarding and graphs should be better and more configurable.
  • Some time the Config Rules are difficult to understand and configure. They could be made easy or have GUI to configure them. I know it is difficult to build but that would be a good win.
  • A positive is that every organization using a Cloud like AWS needs a feature like AWS Config for managing governance and audit controls.
  • You can assess your overall compliance and risk status from a configuration perspective using pre-built rules. This is very useful for network and cloud management teams.
I do not know or have used any other product in AWS cloud space that matches what AWS Config provides. We have some custom built monitoring and governance, however that is there because AWS Config does not provide it currently.
If you have multiple resources in your AWS environment then AWS Config can provide you with audit, governance, and comparison of any changes to your resource configuration over time. You can create alerts to be notified via AWS SNS if any configuration changes, which is very useful for development teams. Governance in an organization, like “Who made the change?”, “From what IP address?” is a very useful audit and operational governance tool.