- https://aws.amazon.com/config/features/ REGIONAL resource
- Service that enables you to assess, audit, and evaluate the configurations of your AWS resources: EC2, EBS, Security Groups, VPCs, etc. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations:
§ See how the resources are related to one another
§ See how the resources were configured in the past
§ Extract existing resource settings and detect deviations from the standard
§ Receive notifications when resources are added / modified / deleted
- Connection from a resource to the Config service – over the AWS infra
- Config is used for governance and compliance.
- Example: can see what gets affected by a change in a Security Group rule
- Configuration item – a point-in-time view of a configuration of a supported resource
- Configuration history – collection of items for a resource over a period of time. Retention of min 30 days and max 7 years.
- Configuration recorder – stores items in an account
- Snapshot – a collection of configuration items for a resource. Can be delivered to S3
- Configuration stream – near real time, automatically updated list for the resources that are being recorded. Works via an SNS topic
- Service that enables you to assess, audit, and evaluate the configurations of your AWS resources: EC2, EBS, Security Groups, VPCs, etc. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations:
§ See how the resources are related to one another
§ See how the resources were configured in the past
§ Extract existing resource settings and detect deviations from the standard
§ Receive notifications when resources are added / modified / deleted
- Connection from a resource to the Config service – over the AWS infra
- Config is used for governance and compliance.
- Example: can see what gets affected by a change in a Security Group rule
- Configuration item – a point-in-time view of a configuration of a supported resource
- Configuration history – collection of items for a resource over a period of time. Retention of min 30 days and max 7 years.
- Configuration recorder – stores items in an account
- Snapshot – a collection of configuration items for a resource. Can be delivered to S3
- Configuration stream – near real time, automatically updated list for the resources that are being recorded. Works via an SNS topic
- Resource
Relationship – map of relationships between
resources in an account
No comments:
Post a Comment