AWS Config for all governance and audit needs
January 10, 2019
AWS Config for all governance and audit needs
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with AWS Config
AWS Config is used to assess, audit, and evaluate the configuration of your AWS resources. It is implemented in many applications that use AWS to deploy. It helps in assessment, operational auditing and general governance of AWS resources.
- It can help you define rules for provisioning and configuring of your AWS. We use it for this purpose.
- It maintains configuration history. So you can use the AWS Management Console, API, or CLI to obtain details of past configurations
- It gives you a configuration snapshot of all of your AWS resources and you can store it in AWS S3.
- You can integrate it with AWS CloudTrail to correlate configuration changes to particular events in your account.
- Dashboarding and graphs should be better and more configurable.
- Some time the Config Rules are difficult to understand and configure. They could be made easy or have GUI to configure them. I know it is difficult to build but that would be a good win.
- A positive is that every organization using a Cloud like AWS needs a feature like AWS Config for managing governance and audit controls.
- You can assess your overall compliance and risk status from a configuration perspective using pre-built rules. This is very useful for network and cloud management teams.
I do not know or have used any other product in AWS cloud space that matches what AWS Config provides. We have some custom built monitoring and governance, however that is there because AWS Config does not provide it currently.