AWS Cloud Operations Blog

Category: AWS Config

Automating organizational policies with custom AWS Config Rules and evidence collection in AWS Audit Manager

AWS Config is a service that allows you to evaluate your AWS resources against a desired configuration state using AWS Config Rules. Two types of rules exist, managed rules which are meant to be used out-of-the-box and custom rules for which you define your desired configuration state via code.  AWS Audit Manager can help you […]

Evaluate custom configurations using AWS Config Custom Policy rules and the open source sample repository

Does your organization have custom configuration requirements for your resources? Do you find it challenging to compare actual resource configuration settings against your configuration requirements? Today, you can leverage a new public repository of sample AWS Config custom rules using AWS CloudFormation Guard to help you address these challenges. AWS Config allows you to evaluate actual […]

Monitoring version compliance of Amazon Elastic Kubernetes Service by using AWS Config

Monitoring version compliance of Amazon Elastic Kubernetes Service by using AWS Config

Amazon Elastic Kubernetes Services (Amazon EKS) provides a managed Kubernetes service, simplifying cluster operations by offloading undifferentiated heavy lifting to AWS. With the Kubernetes release cycle of a new release every 4 months, customers have difficulty in keeping their EKS clusters up-to-date, especially across multiple AWS accounts. Additionally, keeping track of EKS version will aid your […]

Manage continuous compliance by using AWS Config Configuration Recorder resource type

AWS Config recently added support for configuration recorder as a resource type. The AWS::Config::ConfigurationRecorder resource is a configuration item (CI) for configuration recorder that tracks changes to the state of AWS Config configuration recorder (configuration recorder). You can use this CI to check if the state of the configuration recorder has changed (drifted), from its […]

Announcing AWS Config now supports recording exclusions by resource type

AWS Config is a service that tracks configuration changes of AWS resources in your AWS account. AWS Config uses the configuration recorder to detect these changes and then captures them as configuration items. The configuration recorder is created and started in each Region where you set up AWS Config. By default, the configuration recorder records […]

Estimating AWS Config recorder costs and usage using AWS CloudTrail

AWS Config is a service that tracks configuration changes of AWS resources in your AWS account.  AWS Config uses the configuration recorder to create a configuration item whenever it detects a change to a resource type that it is recording. For example, if AWS Config is recording Amazon S3 buckets, AWS Config creates a configuration […]

Report and visualize your AWS Service Catalog estate

AWS Service Catalog allows organizations to create and manage catalog of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. In addition, organizations can centrally manage deployed IT services, applications, resources, and metadata. This helps you […]

Tracking and remediating non-compliant resources by integrating AWS Config and Atlassian Jira Service Management through automated webhooks

Tracking and remediating non-compliant resources by integrating AWS Config and Atlassian Jira Service Management through automated webhooks

Organizations require their cloud environment to be secure and compliant according to their governance policies. AWS Config provides customers configuration details of their resources in AWS accounts. Customers can make use of AWS Config managed rules, AWS Config custom rules or conformance packs to get to know the configuration details of their resources quickly. Being aware of […]

Strategies to Distribute Visibility in Multi-account Environments

Speed matters in business, and AWS customers want to move quickly and securely when they choose to innovate and develop on our platform. As customers scale their AWS footprint, a majority of them adopt a multi-account strategy to separate their workloads and better enable their teams to build rapidly. The AWS multi-account strategy provides guidance […]

How CyberArk Implements Feature Flags with AWS AppConfig

Written by Ran Isenberg, Principal Architect at CyberArk Feature flags are a powerful tool that allow you to change software behavior. In addition, feature flags can improve your CI/CD pipeline by enabling capabilities, such as A/B testing, thus making them an enabler of DevOps and a crucial part of any CI/CD pipeline. However, feature flagging […]