Free Assessment

AWS_Config_2

Ensure AWS Config is enabled in all regions

Description

AWS Config is a web service that performs configuration management of supported AWS resources within your account and delivers log files to you. The recorded information includes the configuration item (AWS resource), relationships between configuration items (AWS resources), any configuration changes between resources. It is recommended to enable AWS Config be enabled in all regions.

Remediation

Perform the following in the AWS Management Console:

  1. Select the region you want to focus on in the top right of the console
  2. Click Services
  3. Click Config
  4. Define which resources you want to record in the selected region
  5. Choose to include global resources (IAM resources)
  6. Specify an S3 bucket in the same account or in another managed AWS account
  7. Create an SNS Topic from the same AWS account or another managed AWS account

API Call

aws configservice start-configuration-recorder

References:

Service

AWS Config

Severity

High

Compliance

Mapping

Want to Know More?

Learn how our partners are managing their cloud security and compliance with Cloudlytics.

I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.

Cloudlytics

Solutions

Resources

Company

Legal

Facebook Twitter Linkedin Youtube
Start Free Trial
Login

CLOSE

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!

Learn More