Introducing AWS Config
AWS Config is yet another managed service, under the security and governance wing of services, that provides a detailed view of the configurational settings of each of your AWS resources. Configurational settings here can be anything, from simple settings made to your EC2 instances or VPC subnets, to how one resource is related to another, such as how an EC2 instance is related with an EBS volume, an ENI, and so on. Using AWS Config, you can actually view and compare such configurational changes that were made to your resource in the past, and take the necessary preventative actions if needed.
Here's a list of things that you can basically achieve by using AWS Config:
- Evaluate your AWS resource configurations against a desired setting
- Retrieve and view historical configurations of one or more resources
- Send notifications whenever a particular resource is created, modified, or deleted
- Obtain a configuration snapshot of your resource that you can later use as a blueprint...