AWS Config

Integrations
1. AWS Services
  1. AWS Security Hub
  2. AWS Backup
  3. AWS Control Tower
  4. AWS Audit Manager
  5. AWS Firewall Manager
  6. AWS Systems Manager
2. AWS Config Partners
Security in AWS Config
1. Data Protection in AWS Config
2. AWS Identity and Access Management
3. AWS managed policies for AWS Config
4. Logging and Monitoring in AWS Config
5. Using AWS Config with Interface Amazon VPC Endpoints
6. Incident Response in AWS Config
7. Compliance Validation for AWS Config
8. Resilience in AWS Config
9. Infrastructure Security in AWS Config
10. Security Best Practices for AWS Config
AWS Config Documentation Resources
1. AWS Config Rules Repository
2. Documentation
3. Developer guide
Multi-Account Multi-Region Data Aggregation
1. Setting Up an Aggregator
2. Authorizing Aggregator Accounts
3. Viewing Compliance Data in the Aggregator Dashboard
4. Troubleshooting
Concepts
1. AWS Resources
2. Config Rule Types
  1. AWS Managed Rules
    1. service-linked rules
  2. Custom (customer) Rules
3. Conformance Packs
  1. AWS Control Tower Detective Guardrails Conformance Pack
  2. Operational Best Practices for ABS CCIG 2.0 Material Workloads
  3. Operational Best Practices for ABS CCIG 2.0 Standard Workloads
  4. Operational Best Practices for ACSC Essential 8
  5. Operational Best Practices for ACSC ISM
  6. Operational Best Practices for AI and ML
  7. Operational Best Practices for Amazon API Gateway
  8. Operational Best Practices for Amazon DynamoDB
  9. Operational Best Practices for Amazon S3
  10. Operational Best Practices for APRA CPG 234
  11. Operational Best Practices for Asset Management
  12. Operational Best Practices for AWS Backup
  13. Operational Best Practices for AWS Identity And Access Management
  14. Operational Best Practices for AWS Well-Architected Framework Reliability Pillar
  15. Operational Best Practices for AWS Well-Architected Framework Security Pillar
  16. Operational Best Practices for BCP and DR
  17. Operational Best Practices for BNM RMiT
  18. Operational Best Practices for CIS AWS Foundations Benchmark v1.4 Level 1
  19. Operational Best Practices for CIS AWS Foundations Benchmark v1.4 Level 2
  20. Operational Best Practices for CIS Critical Security Controls v8 IG1
  21. Operational Best Practices for CIS Critical Security Controls v8 IG2
  22. Operational Best Practices for CIS Critical Security Controls v8 IG3
  23. Operational Best Practices for CIS Top 20
  24. Operational Best Practices for CISA Cyber Essentials
  25. Operational Best Practices for CMMC Level 1
  26. Operational Best Practices for CMMC Level 2
  27. Operational Best Practices for CMMC Level 3
  28. Operational Best Practices for CMMC Level 4
  29. Operational Best Practices for CMMC Level 5
  30. Operational Best Practices for Compute Services
  31. Operational Best Practices for Data Resiliency
  32. Operational Best Practices for Databases Services
  33. Operational Best Practices for Data Lakes and Analytics Services
  34. Operational Best Practices for DevOps
  35. Operational Best Practices for EC2
  36. Operational Best Practices for Encryption and Key Management
  37. Operational Best Practices for ENISA Cybersecurity guide for SMEs
  38. Operational Best Practices for Esquema Nacional de Seguridad (ENS) Low
  39. Operational Best Practices for Esquema Nacional de Seguridad (ENS) Medium
  40. Operational Best Practices for Esquema Nacional de Seguridad (ENS) High
  41. Operational Best Practices for FDA Title 21 CFR Part 11
  42. Operational Best Practices for FedRAMP(Low)
  43. Operational Best Practices for FedRAMP(Moderate)
  44. Operational Best Practices for FFIEC
  45. Operational Best Practices for HIPAA Security
  46. Operational Best Practices for K-ISMS
  47. Operational Best Practices for Load Balancing
  48. Operational Best Practices for Logging
  49. Operational Best Practices for Management and Governance Services
  50. Operational Best Practices for MAS Notice 655
  51. Operational Best Practices for MAS TRMG
  52. Operational Best Practices for Monitoring
  53. Operational Best Practices for NBC TRMG
  54. Operational Best Practices for NERC CIP
  55. Operational Best Practices for NCSC Cloud Security Principles
  56. Operational Best Practices for NCSC Cyber Assesment Framework
  57. Operational Best Practices for Networking and Content Delivery Services
  58. Operational Best Practices for NIST 800-53 rev 4
  59. Operational Best Practices for NIST 800-53 rev 5
  60. Operational Best Practices for NIST 800 171
  61. Operational Best Practices for NIST 800 172
  62. Operational Best Practices for NIST 800 181
  63. Operational Best Practices for NIST 1800 25
  64. Operational Best Practices for NIST CSF
  65. Operational Best Practices for NIST Privacy Framework v1.0
  66. Operational Best Practices for NYDFS 23
  67. Operational Best Practices for NZISM
  68. Operational Best Practices for PCI DSS 3.2.1
  69. Operational Best Practices for Publicly Accessible Resources
  70. Operational Best Practices for RBI Cyber Security Framework for UCBs
  71. Operational Best Practices for RBI MD-ITF
  72. Operational Best Practices for Security, Identity, and Compliance Services
  73. Operational Best Practices for Serverless
  74. Operational Best Practices for Storage Services
  75. Example Templates with Remediation Action
  76. Custom Conformance Pack
4. Trigger types
  1. Configuration changes
  2. Periodic
5. Configuration History
6. Configuration Items
  1. Metadata
  2. Attributes
  3. Relationships
  4. Current configuration
7. Configuration Recorder
8. Configuration Snapshot
9. Configuration Stream
10. Resource Relationship
Common Scenarios
1. Resource Administration
2. Auditing and Compliance
3. Managing and Troubleshooting Configuration Changes
4. Security Analysis
AWS re:Post questions for AWS Config
Free Cybersecurity Training
AWS Config Pricing
AWS Config Blogs
AWS Config FAQs