AWS Cloud Operations Blog
Category: AWS Config
Automating organizational policies with custom AWS Config Rules and evidence collection in AWS Audit Manager
AWS Config is a service that allows you to evaluate your AWS resources against a desired configuration state using AWS Config Rules. Two types of rules exist, managed rules which are meant to be used out-of-the-box and custom rules for which you define your desired configuration state via code. AWS Audit Manager can help you […]
Evaluate custom configurations using AWS Config Custom Policy rules and the open source sample repository
Does your organization have custom configuration requirements for your resources? Do you find it challenging to compare actual resource configuration settings against your configuration requirements? Today, you can leverage a new public repository of sample AWS Config custom rules using AWS CloudFormation Guard to help you address these challenges. AWS Config allows you to evaluate actual […]
Monitoring version compliance of Amazon Elastic Kubernetes Service by using AWS Config
Amazon Elastic Kubernetes Services (Amazon EKS) provides a managed Kubernetes service, simplifying cluster operations by offloading undifferentiated heavy lifting to AWS. With the Kubernetes release cycle of a new release every 4 months, customers have difficulty in keeping their EKS clusters up-to-date, especially across multiple AWS accounts. Additionally, keeping track of EKS version will aid your […]
Manage continuous compliance by using AWS Config Configuration Recorder resource type
AWS Config recently added support for configuration recorder as a resource type. The AWS::Config::ConfigurationRecorder resource is a configuration item (CI) for configuration recorder that tracks changes to the state of AWS Config configuration recorder (configuration recorder). You can use this CI to check if the state of the configuration recorder has changed (drifted), from its […]
Announcing AWS Config now supports recording exclusions by resource type
AWS Config is a service that tracks configuration changes of AWS resources in your AWS account. AWS Config uses the configuration recorder to detect these changes and then captures them as configuration items. The configuration recorder is created and started in each Region where you set up AWS Config. By default, the configuration recorder records […]
Estimating AWS Config recorder costs and usage using AWS CloudTrail
AWS Config is a service that tracks configuration changes of AWS resources in your AWS account. AWS Config uses the configuration recorder to create a configuration item whenever it detects a change to a resource type that it is recording. For example, if AWS Config is recording Amazon S3 buckets, AWS Config creates a configuration […]
Report and visualize your AWS Service Catalog estate
AWS Service Catalog allows organizations to create and manage catalog of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. In addition, organizations can centrally manage deployed IT services, applications, resources, and metadata. This helps you […]
Tracking and remediating non-compliant resources by integrating AWS Config and Atlassian Jira Service Management through automated webhooks
Organizations require their cloud environment to be secure and compliant according to their governance policies. AWS Config provides customers configuration details of their resources in AWS accounts. Customers can make use of AWS Config managed rules, AWS Config custom rules or conformance packs to get to know the configuration details of their resources quickly. Being aware of […]
Strategies to Distribute Visibility in Multi-account Environments
Speed matters in business, and AWS customers want to move quickly and securely when they choose to innovate and develop on our platform. As customers scale their AWS footprint, a majority of them adopt a multi-account strategy to separate their workloads and better enable their teams to build rapidly. The AWS multi-account strategy provides guidance […]
How CyberArk Implements Feature Flags with AWS AppConfig
Written by Ran Isenberg, Principal Architect at CyberArk Feature flags are a powerful tool that allow you to change software behavior. In addition, feature flags can improve your CI/CD pipeline by enabling capabilities, such as A/B testing, thus making them an enabler of DevOps and a crucial part of any CI/CD pipeline. However, feature flagging […]