AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. With AWS Config, you can discover existing and deleted AWS resources, determine your overall compliance against rules,and dive in to configuration details of are source at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.

 You will find the “Config” service under Management Tools.

AWS Config

When you navigate to Config for the first time,it’ll ask you to setup the AWS config.Here is the steps to configure the AWS config.

 Choose what resource types to record with AWS config.

           a.  YoucanchoosealltheresourcesinSelectedregionandevenyoucanchooseglobal resources i.e; S3,IAM

 Choose the S3 bucket to store all the logs for the AWS Config.You can opt to create a new bucket or choose an existing bucket.

AWS Config

For AWS Support  9160565554

Send Enquiries : sales@fgrade.com 

Choose an SNS topic to get notification and create an IAM role to perform the tasks on- behalf of us then click on“Next”

AWS Config

If you want to monitor any specific rule,you can select,otherwise you can choose or skip it.

AWS Config

Review and click on confirm to complete the AWS config service setup.

AWS Config

Here is the Config service dashboard,you can choose the specific service and get the details about the changes,events happened

aws config

Let me navigate to S3 bucket to verify the logs,Log path looks similar to Cloud Trail path.

aws config

We can see the below details with AWS Config service:

  1. Resource Type
  2. Resource ID
  3. Compliance
  4. Timeline

a. Configuration Details

b. Relationships

c. Changesd. Cloud Trail Events